Exim Blacklists

B

BrianUK

Verified User
Joined
Feb 4, 2006
Messages
89
Hi

Can someone tell me how to enable use of blacklists in exim. I can see a lot reference to blacklists in exim.conf ie

#require verify = sender

# deny using spamhaus
deny message = Email blocked by SPAMHAUS - to unblock see http://www.example.com/
# only for domains that do want to be tested against RBLs
hosts = !+relay_hosts
domains = +use_rbl_domains
!authenticated = *
dnslists = zen.spamhaus.org

along with other BL providers but how do I enable it for a domain? Is it a case of adding it to the /etc/virtual/use_rbl_domains file? ie domain.com?

thanks
 
Yes you just add the domains you want to be scanned to that rbl file.
 
Or if you want it to work for all domains on your server (no exceptions), delete the use_rbl_domains file, and instead create a link, linking it to the domains file:
Code: 
# rm -f /etc/virtual/use_rbl_domains
# ln -s /etc/virtual/domains /etc/virtual/use_rbl_domains
Jeff
 
excellent added domain and it appears to be working, does anyone have a script that can show amount of spam deleted suitable for DA virtual user enviroment I did see one somewhere but can't remember where.
 
grep for the deny message in the exim log. You did write your own deny message in the exim.conf file didn't you? Otherwise you will be telling people to go to example.com to get whitelisted.
 
To count (as opposed to look at) all email blocked by SpamBlocker from a given rejectlog:
Code: 
$ grep -c "Email blocked by" /var/log/exim/rejectlog
To count for a specific date, just do an additional grep for the date. For example, to find out how much spam was deleted on November 12, 2008:
Code: 
$ grep "2008-11-12" /var/log/exim/rejectlog | grep -c "Emailblocked by"
.
To count for a specific blocklist, replace the words "Email blocked by" with the name of the blocklist, in all capitals, exactly as shown in /etc/exim.conf. For example, to count all email blocked by SPAMHAUS on November 12, 2008:
Code: 
$ grep "2008-11-12" /var/log/exim/rejectlog | grep -c "SPAMHAUS"
However, when checking for specific blocklists, remember that once one blocklist blocks an email it's not checked by any other. In my case for example, SPAMHAUS blocks the greatest percentage of email, but if I wasn't using it, other blocklists would catch more spam.

Curious? All email blocked on the one server I checked to write this example, for November 12, 2008, totaled 15,417 emails. Of that, 15,222 were blocked by SPAMHAUS.

Curious about how many actual emails were delivered on that server that same day?
Code: 
grep "2008-11-12" /var/log/exim/mainlog | grep -c "T=virtual_localdelivery"
Note that I checked mainlog for this, not rejectlog.

That server delivered 2,711 emails on that same day.

Or to put it into perspective, a total of 18,128 email deliveries were attempted on the server on November 12, 2008 (blocked + delivered). Of that, 15,417 were blocked, a total if 85.05%. 14.95% were delivered. Sure there was spam delivered; it happens. But 85% is a reasonable block rate for a free solution included in DirectAdmin, don't you think :)?

For what it's worth, these numbers came from my test copy of SpamBlocker Version 3-beta, using my latest test code. We intend to get it even better :).

Jeff
 
Just greped a server
Delivered 673 (includes some spams)
Rejected 60283

Spamblocker definitely helps reduce the load on that server...
 
You must log in or register to reply here.
Back
Top