Blackhole list in exim.conf

locateMe

Verified User
Joined
Feb 12, 2004
Messages
44
I followed these instructions by removing the # from the front of rb_domains.... and I then restarted exim but it failed with an error message about rbl_domains

Should I have done something else?

Thanks
Steve

# Exim contains support for the Realtime Blackhole List (RBL) that is being
# maintained as part of the DNS. See http://mail-abuse.org/rbl/ for background.
# Uncommenting the first line below will make Exim reject mail from any
# host whose IP address is blacklisted in the RBL at blackholes.mail-abuse.org.
# Some others have followed the RBL lead and have produced other lists: DUL is
# a list of dial-up addresses, and there are also a number of other lists
# of various kinds at orbs.org.

# rbl_domains = blackholes.mail-abuse.org
 
do I need a new exim.conf

Does that mean that I need to get a new exim.conf and install it?

Or just add the line that you kindly gave me?

Steve
 
Just add the line. The "leftover" commands are from the exim.conf version converter we used back when we upgraded to exim 4. Since it was commented out, the converter left it in the new file.

John
 
spelling??

Just read the doc you point out and I put the exact code into Exim and got the error below about "deny"
 
Last edited:
must be something else because I get

Starting exim: 2004-03-09 14:48:06 Exim configuration error in line 211:
main option "deny_dnslists" unknown

and

Starting exim: 2004-03-09 14:48:06 Exim configuration error in line 211:
main option "deny " unknown
 
Hello,

That's an access control list.. so it would probably have to go in the "check_recipient:" secion of th acl.

John
 
I'm almost ready to release my exim.conf file, which uses both spamassassin and RBLs on a domain-by-domain basis.

The only thing left to do is document the whole mess, since it's a complete rewrite.

Jeff
 
DirectAdmin Support said:
Hello,

That's an access control list.. so it would probably have to go in the "check_recipient:" secion of th acl.

John

Ok... time to work on the communication skills again :D

Probably or it does go there? Which is it? When I added the line under the 'check_recipient' section and did an 'exim restart' it just hung up... nice.

I have searched and searched with no to little information regarding adding RBL's to Exim. Now I admit that I'm a Sendmail guy and am having to learn Exim but let's not make this so hard. Exim's docs aren't exactly the most enlightening I have read, but again, I'm not an Exim expert.

I, like many others, would like to add certain RBL's to Exim... spamcop, ordb..etc which have worked nicely for me via sendmail in the past (let's not get into a 'which rbl is best' discussion.

So.. instead of me becoming an Exim expert how about a How-To of what to add and where to add the code necessary for Exim to refer to certain rbl's?

What would be REALLY nice is a simple list of RBLs in the DA CP that you could simply check or uncheck to use either system wide or on a domain basis.

So, short of Jeff having to rewrite the exim.conf (muchas gracias Jeff) how about a How-To?

Thanks,
 
Last edited:
Hello,

Here's a nice, (untested) how-to :)

Make you /etc/exim.conf "check_recipient:" section (about line 264) look like this:
Code:
check_recipient:
  deny dnslists = relays.ordb.org : \
                          sbl.spamhaus.org : \
                          opm.blitzed.org
  accept  hosts = :
  accept  domains = +local_domains
  accept  domains = +relay_domains
  accept  hosts = +relay_hosts
  accept  hosts = +auth_relay_hosts
          endpass
          message = authentication required
          authenticated = *
  deny    message = relay not permitted
:)
John
 
The /var/log/exim/rejectlog contains log information for everything rejected by ACLs.

My new exim.conf file uses a different logging format, which I find very helpful.

It also has a manual blacklist you can add domains to; we use it for spammers who think they're legal, so it's okay for them to spam.

Jeff
 
When?

When do we get the new exim.conf?

Do we upload it manually when released or just update DA

Thanks loads

Steve
 
another thing

To try and reduce the spam problem as I am receiving a lot of emails to non-existant email addresses on the server I tried to enable receiver_verify as the comments say

"Unknown recipients are then rejected at this stage, and the generation of a failure message is the job of the sending host."

Lovely I thought - let them get the load in rejecting messages

But when I restarted Exim it complained loudly about receiver_verify being unknown..

How do we enable this excellent feature in Exim 4?

Thanks
 
Re: When?

locateMe said:
When do we get the new exim.conf?
As soon as I finish documenting it and finding "loose ends".

For example, the "receiver_verify" which you wrote about in your most recent email.

It takes time to track through all the possible options I've got in my exim.conf file but have left commented out, and see what unintended things could happen if I uncomment them.
Do we upload it manually when released or just update DA
You can do either.

If you want, you can download it when I've finished documenting it, install it, create the few extra files it requires in /etc/virtual, restart exim, and use it immediately, as I do.

Or you can wait until the DA team goes over it, makes whatever changes they want, and creates a "front-end" control panel interface for it.

It's entirely up to you.

Jeff
 
Re: another thing

locateMe said:
To try and reduce the spam problem as I am receiving a lot of emails to non-existant email addresses on the server I tried to enable receiver_verify as the comments say

"Unknown recipients are then rejected at this stage, and the generation of a failure message is the job of the sending host."
I know for a fact that my installation of exim rejects messages for nonexistent recipients even with receiver_verify commented out; I'm checking with Dr. Hazel (he wrote exim), but in the meantime leave it commented out.

What do you have checked under "catchall" for the domain? There are three options, and only one of them will reject email for unknown recipients.

Jeff
 
Rejection

I have 'ignore' set in the catchall

However that's not the point is it? I don't want to return the message to the senders host with an email that say's user unknown. I want the SMTP process to reject it so that the senders host does that.

Or is that what it does (not an SMTP expert) LOL

STeve
 
DA, by default, runs exim in such a way that it refuses email at SMTP for undeliverable recipients.

Jeff
 
Back
Top