Exim caching dnsbl ?

Nerigal

Verified User
Joined
Jul 6, 2009
Messages
124
Hi

recently i got serious problem with Exim i can't find how to fix it.

for some reason the dnsbl system of exim keep blocking good email.
and this is happening only with b.barracudacentral.org.

so then i tested manually the ip adress on the barracuda site which tell me that the ip has good reputation....
so i went in the exim.conf file to remove b.barracudacentral.org from the #EDIT#41

restarted exim

and exim is STILL blocking the same ip showing 550 Email blocked by b.barracudacentral.org

so ive tried to lookup the ipadress from the current server using host xxx.xxx.xxx.xxx.b.barracudacentral.org
and barracuda return correctly NX DOMAIN found

then ive tried to upgrade spamblocker 4.1 to 4.2
i tried to restart server...

problem still here.

when i do exim -bV its telling me i use Exim 4.77 and the configuration file is /etc/exim.conf
which seems to be OK to me

i have to more idea how this can happen and so how to fix this.

any idea ? any broken caching system that exim would use for dnsbl resolution result ?
thanks
 
Maybe it would be wise to upgrade to Exim 4.80.1 first, don't forget to also update the exim.pl file.

I also had such problem with barracuda, but in that case it was not the originating ip but the ip of the smtp server the mail went through.
So you have to both check the originating ip and the mailserver ip with barracuda.

It's not Exim causing the problem.
 
well ok but i dont understand the fact that exim is still requesting ip to barracuda after ive removed it from exim.conf file and restarted not just the service itself "service exim restart " but the server "shutdown -r now"
 
problem still here.
This shouldn't be happening, as exim runs the ACLs in exim.conf separately for each incoming email, so as long as the file has been changed the changes should take effect.

Using my latest version of SpamBlocker, exactly what error message do you get?

What is the result of this command:
Code:
$ grep b.barracuda /etc/exim.conf

Jeff
 
grep b.barracuda /etc/exim.conf return notting
and the error message i got is 550 email blocked by b.barracudacentral.org
 
found the answer... it is really noob but the fact that im not used to new spamblocker could explain it

older version of spamblock that i use, dnsbl rules dont use variable $dnslist_domain for outgoing error message but display the servername literally example
Email blocked by my.servername.com instead of Email blocked by b.barracudacentral.org

actually Email blocked by $dnslist_domain is OK for local error log message but remote response for a ban should be the name of the server that rejected the email so you dont get confused.
 
You can change it to say what you want, but still, if you don't use the b.barracudacentral.org list, I don't see how it can be returned by exim.conf, $dnslist_domain is returned from the dnslist = \[/i[ line, which in turn get's the name from one of the lines immediately below; in the main configuration that's the b.barracudacentral. : \ line.

Absent that line, I don't see why you're getting that return.

Jeff
 
i know this dones't work but you may understand what i meens.

Code:
#EDIT#41:
  deny message = Email blocked by $primary_hostname
  log_message =  Email blocked by $dnsbl_list
       hosts    = !+relay_hosts
       domains = +use_rbl_domains
       domains = !+skip_rbl_domains
       !authenticated = *
       dnslists = \
       cbl.abuseat.org : \
       bl.spamcop.net : \
       dnsbl.ahbl.org : \
       combined.rbl.msrbl.net : \
       b.barracudacentral.org : \
       zen.spamhaus.org
 
Barracuda is still in your list. To remove it either delete the complete line or comment it out:
Code:
dnslists = \
       cbl.abuseat.org : \
       bl.spamcop.net : \
       dnsbl.ahbl.org : \
       combined.rbl.msrbl.net : \
    #  b.barracudacentral.org : \
       zen.spamhaus.org
This is just a convenience way of showing one long line; the \ symbol simply tells the system to treat the next line as if was part of the same line.

The : symbol is simply a separator.

Jeff
 
Back
Top