Results 1 to 6 of 6

Thread: blacklist_domains not working?

  1. #1
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,663

    blacklist_domains not working?

    Or am I doing something wrong?

    We're getting a lot of spam coming form or via Amazonaws.com and it keeps coming. So we decided to block this in the /etc/virtual/blacklist_domains file like this:
    Code:
    *.amazonaws.com
    And ofcourse restarted or reloaded Exim.

    So we thought it would blacklist all mail originating from mailservers with a helo of amazonaws.com but it doesn't as can be seen from the log:
    Code:
    2018-12-06 14:15:38 1gUtV8-0002hl-6m <= return@mta2.rdr2.icu H=ec2-3-16-194-57.us-east-2.compute.amazonaws.com (mta2.rdr2.icu) [3.16
    .194.57] P=esmtp S=7403 T="Slank, slank, Smart Skylink Is hier om GRATIS LIVE HD-tv te bieden!" from <return@mta2.rdr2.icu> for user
    @domain.nl
    2018-12-06 14:15:38 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1gUtV8-0002hl-6m
    2018-12-06 14:15:38 1gUtV8-0002hl-6m => user <user@domain.nl> F=<return@mta2.rdr2.icu> R=virtual_user T=dovecot_lmtp_udp S=7670
    C="250 2.0.0 <user@domain.nl> 3lt3HvogCVyTJQAADNWw8g Saved"
    Now the mta is from .icu but the Helo, the H= still says amazonaws.com and even the ip used resolves to it.

    Now I have 2 questions.

    1.) Why is this not working, or am I doing something wrong?
    2.) There is also the bad_sender_hosts_ip file. Just to be sure... I can use CIDR in there like xxx.xxx.xxx.xxx/24 correct?
    Greetings, Richard.

  2. #2
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,663
    Anybody?

    If not I have to send in a ticket, because I also blocked things like .club which are also coming through.
    Greetings, Richard.

  3. #3
    Join Date
    Apr 2009
    Posts
    2,227
    I have a pretty large blacklist_domains file on my servers, and it seems to work correct for me. Maybe you should double check the permissions on the blacklist_domains file? On my CentOS 7 servers it has owner/group set to mail mail , and 644 file permission.

  4. #4
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,663
    Thank you Ditto.

    I checked and owner and permissions are correct.

    Can you confirm that this is the correct way to put entry's in the file?
    Code:
    *.bid
    *.co.jp
    *.date
    *.evisoraya.com
    *.xyz
    *.amazonaws.com
    *.club
    *.icu
    Greetings, Richard.

  5. #5
    Join Date
    Apr 2009
    Posts
    2,227
    Yes, it seems correct, that is how I write it also.

  6. #6
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,663
    Thank you, then I have too check the logs again.
    Greetings, Richard.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •