RBL lists not working. Neither is the bad_sender_hosts!

Richard G

I got issues today which I'm not happy with. First of all, mail from an address which was already in /etc/virtual/blacklist_senders was still delivered, which is odd in itself.

Now I got another spam mail. My MailWasher program on my PC detected that this IP was already present in SpamCop, but it was not blocked on my server.
The abusive IP: 103.120.176.18

Code:
2025-02-15 17:57:23 1tjLTk-0000000EwXx-2NGR <= <> H=(ARTHADISHA-COM.home) [103.120.176.18] P=esmtps X=TLS1.2:ECDHE-ECDSA-AES128-GCM-SHA256:128 CV=no S=2752 id=214C19960C004B61A15DA9BC9C83D6B8.MAI@home T="RE" from <> for [email protected]
2025-02-15 17:57:23 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1tjLTk-0000000EwXx-2NGR
2025-02-15 17:57:23 1tjLTk-0000000EwXx-2NGR => info <[email protected]> F=<> R=virtual_user T=dovecot_lmtp_udp S=2914 C="250 2.0.0 <[email protected]> kBO4MHPHsGcL3zQAugeUdg Saved"

Code:
X-Spam-Score: 6.6 (++++++)
X-Spam-Report: Spam detection software, running on the system "serverxxx.somehoster.nl",
 has NOT identified this incoming email as spam.  The original
 message has been attached to this so you can view it or label
 similar future email.  If you have any questions, see
 the administrator of that system for details.
 
 Content preview:  I am Ms. Anita Roy, a widow from Honolulu, Hawaii, gravely
    ill with little time left. I wish to entrust you with funds for charity,
   as my late husband’s relatives are unfairly trying to claim them.
 
 Content analysis details:   (6.6 points, 7.5 required)
 
  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
              [Blocked - see <https://www.spamcop.net/bl.shtml?103.120.176.18>]
  0.0 SPF_HELO_NONE          SPF: HELO does not publish an SPF Record
  0.8 BAYES_50               BODY: Bayes spam probability is 40 to 60%
                             [score: 0.5493]
  0.1 TO_MALFORMED           To: has a malformed address
  0.8 FROM_NO_USER           From: has no local-part before @ sign
  0.8 RDNS_NONE              Delivered to internal network by a host with no rDNS
  0.7 HK_NAME_MR_MRS         No description available.
  2.1 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
SpamTally: Final spam score: 66
X-Antivirus-Scanner: Clean mail though you should still use an Antivirus

Now it seems some spam-checking part has seen that this was listed in SpamCop, but only gave 1.2 points for it.
Probably SpamAssassin, I presume.

But some time ago, all mail listed in one of my configured RBLs was just refused, which is not happening now, at least not with this mail.
What's going wrong here? Why is an RBL listing not just being refused anymore by Exim?

P.S. This is my exim.strings.conf.custom file:
Code:
RBL_DNS_LIST==bl.spamcop.net : b.barracudacentral.org : imap.bl.blocklist.de : mail.bl.blocklist.de : psbl.surriel.com : z.mailspike.net
And over the last few weeks I've also seen mail being delivered which was listed in Mailspike.
 
So it looks like bad_sender_hosts is not working either.
Yesterday I added this host: manoirs.fr

And today I got spam from.....
Code:
Received: from static.45.15.201.138.clients.your-server.de ([138.201.15.45] helo=manoirs.fr)
See the HELO?

Doesn't bad_sender_hosts block the hostnames in the HELO?
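
Added example, not part of the original post and not DirectAdmin or Exim code: a small check of which zones from the RBL_DNS_LIST line above currently answer for a given IPv4 address, using the standard DNSBL query form (reversed octets plus zone, answers in 127.0.0.0/8). The function names and the injectable `resolve` parameter are assumptions made for this illustration.

```python
import ipaddress
import socket

# Zone list copied from the RBL_DNS_LIST line in the post.
RBL_DNS_LIST = ("bl.spamcop.net : b.barracudacentral.org : imap.bl.blocklist.de : "
                "mail.bl.blocklist.de : psbl.surriel.com : z.mailspike.net")

def parse_zones(value):
    """Split an Exim colon-separated list into zone names."""
    return [z.strip() for z in value.split(":") if z.strip()]

def dnsbl_name(ip, zone):
    """Build the DNSBL query name: reversed IPv4 octets followed by the zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split("."))) + "." + zone

def system_resolver(name):
    """Return the A records for name, or [] when the lookup fails (e.g. NXDOMAIN)."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except OSError:  # socket.gaierror and socket.herror are both OSError subclasses
        return []

def check_ip(ip, zones, resolve=system_resolver):
    """Map each zone to a status string for the given IP."""
    result = {}
    for zone in zones:
        answers = resolve(dnsbl_name(ip, zone))
        if not answers:
            result[zone] = "not listed or lookup failed"
        elif all(a.startswith("127.") for a in answers):
            result[zone] = "listed " + ",".join(answers)
        else:
            # DNSBL answers live in 127.0.0.0/8; anything else is not a valid listing.
            result[zone] = "unexpected answer " + ",".join(answers)
    return result

if __name__ == "__main__":
    # IP taken from the log line in the post.
    for zone, status in check_ip("103.120.176.18", parse_zones(RBL_DNS_LIST)).items():
        print(f"{zone:28} {status}")
```

Run it on the mail server itself so the lookups go through the server's configured resolver; a zone that shows "not listed or lookup failed" there while a desktop tool reports a listing points at the DNS path rather than the zone list.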
 