SpamBlocker-Powered exim.conf, Version 4

I'm seeing a lot of this in the Exim mainlog

2013-06-06 09:05:12 unknown named domain list "+skip_av_domains"
2013-06-06 09:05:13 unknown named domain list "+skip_av_domains"
2013-06-06 09:05:13 unknown named domain list "+skip_av_domains"
2013-06-06 09:05:14 unknown named domain list "+skip_av_domains"
2013-06-06 09:05:27 unknown named domain list "+skip_av_domains"
2013-06-06 09:05:33 unknown named domain list "+skip_av_domains"
2013-06-06 09:05:38 unknown named domain list "+skip_av_domains"
2013-06-06 09:05:47 unknown named domain list "+skip_av_domains"
2013-06-06 09:05:49 unknown named domain list "+skip_av_domains"
2013-06-06 09:05:54 unknown named domain list "+skip_av_domains"
2013-06-06 09:06:12 unknown named domain list "+skip_av_domains"
2013-06-06 09:06:23 unknown named domain list "+skip_av_domains"
2013-06-06 09:06:31 unknown named domain list "+skip_av_domains"
2013-06-06 09:06:35 unknown named domain list "+skip_av_domains"
2013-06-06 09:06:39 unknown named domain list "+skip_av_domains"
2013-06-06 09:06:43 unknown named domain list "+skip_av_domains"
2013-06-06 09:06:49 unknown named domain list "+skip_av_domains"
2013-06-06 09:06:52 unknown named domain list "+skip_av_domains"

I have no idea what is causing this.
 
Most like you're missing the file /etc/virtual/skip_av_domains.

Does your exim.conf file have this line:
Code:
#domainlist skip_av_domains = lsearch;/etc/virtual/skip_av_domains
or does it have the line without the '#' comment symbol at the beginning?
Code:
domainlist skip_av_domains = lsearch;/etc/virtual/skip_av_domains
The problem is probably due to an improper customization or setup of a version of SopamBlocker 4. You can find the latest version here (nobaloney.net); click on Click Here to Download and look at the ReadMe file for more complete information.

Jeff
 
Doh! I was looking right at that line, but didn't notice it was commented out!

Thank you
 
I notice in

#EDIT#39:
deny message = Email blockedby local blacklist
domains = +use_rbl_domains
domains = !+skip_rbl_domains
sender_domains = +blacklist_domains

I did define those blacklist domains in /etc/virtual/blacklist_domains. However, found that the blacklisted domains emails still flood in.
I commented the 2 lines

#EDIT#39:
deny message = Email blockedby local blacklist
#domains = +use_rbl_domains
#domains = !+skip_rbl_domains
sender_domains = +blacklist_domains

and get it working fine.

May I know what is the function of the following 2 lines and in what circumstances that we need to us them?
domains = +use_rbl_domains
domains = !+skip_rbl_domains
 
domains = +use_rbl_domains
The recipient domain must be listed in the /etc/virtual/use_rbl_domains file for the local blacklist to be checked.

domains = !+skip_rbl_domains
The recipient domain must NOT be listede in the [/i]/etc/virtual/skip_rbl_domains[/i] file for the local blacklist to be chedked.

Both of these must pass or the local blacklist file won't be checked. For most of us, chosing to use the blocklists for all domains, /etc/virtual/use_rbl_domains is simply a link to /etc/virtual/domains and the /etc/virtual/skip_rbl)domains is a list of domains for which users have requested you don't block anything.

But for those who've decided to only use blocklists for clients/domains who request it, then /etc/virtual/use_rbl_domains is a file (not a link), in which you put the domain names of the files wanting to use blocklists, and /etc/virtual/skip_rbl_domains is an empty file (which must exist).

Jeff
 
Thank you for your enlightenment!

Your explanation has led me to have a clearer understanding on other options as well.
 
correct syntax of bloklists

Maybe a stupid newbie question, but i cant find anywhere a example of what the correct syntax is in al the different blocklist files
/etc/virtual/bad_sender_hosts
/etc/virtual/bad_sender_hosts_ip
/etc/virtual/blacklist_domains
/etc/virtual/blacklist_senders
/etc/virtual/whitelist_domains
/etc/virtual/whitelist_hosts
/etc/virtual/whitelist_hosts_ip
/etc/virtual/whitelist_senders
/etc/virtual/use_rbl_domains
/etc/virtual/skip_av_domains
/etc/virtual/skip_rbl_domains

an example of 2 items per file should do the trick...
becourse i'm new to al this, i'm not sure how to do it correctly and therfore also afraid of doing something wrong.
 
It's IP's (IPv4's I guess, not sure about IPv6's), eg. 123.123.123.123, and domains are without the www. eg. directadmin.com
 
hosts are hostnames of sending servers.

hosts_ip are the IP addresses of hostnames. CIDR notation is acceptable. IPv6 should be acceptable if Exim is compiled to use it, but has not been tested.

domains are the domain name of the sender's return address (the right side after the @ symbol).

senders are the complete sender email address.

Note that senders are not necessarily the same as the From address.

One to a line.

Jeff
 
Hi,

today I found that my exim installation is case sensitive.
tried to change it by using this site: http://notes.brooks.nu/2008/10/making-exim-case-insensitive/

Code:
lowercase_local:
     driver = redirect
     redirect_router = localuser
     domains = +local_domains
     data = ${lc:$local_part}@$domain

But this doesn't seem to work.
Is there something I should change to make this work with spamblocker?

regards,
Stijn
 
I don't know why you're having a problem. I just sent some emails tomy (standard DirectAdmin-based) exim install using SpamBlpcker 4, using random capital letters in the local part of my email address, and they all came through fine.

Which version of exim are you using? Which exim.conf file?

Jeff
 
Hi,

edit: Just found our confusion. It isn't happening when I try to email to an address with capitals. But when setting up outgoing server authentication with an email with capitals.


Just tried it with latest version of exim (didn't have time to upgrade yet). And it's still not working.

Code:
# SpamBlockerTechnology* powered exim.conf, Version 4.2
# 21-May-2013  11:20 (-0700)

Code:
#VERSION=13

Code:
2013-11-01 16:21:26 login authenticator failed for home-reverse-dns (PCStijn) [xxx.xxx.xxx.xxx]: 535 Incorrect authentication data ([email protected])
2013-11-01 16:22:08 login authenticator failed for home-reverse-dns (PCStijn) [xxx.xxx.xxx.xxx]: 535 Incorrect authentication data ([email protected])

Didn't really change much in the exim.conf file except for the neccesary things, removing block lists, and added two smarthost forwarders for two domains.

I'm trying this by going to Outlook, changing the account settings and st outgoing server to use it's own authentication (with capitals).

regards,
Stijn
 
Last edited:
I don't think there's anything you can change in exim.conf to enable it; I don't think it's possible to enable it, because it's not an issue with delivery; it's an issue with authentication against a password file. Password files always treat case dependent.

I suppose you could make a feature request of the exim team, but frankly I doubt they'd add it, as it would make exim's authentication method both non-standard and arguably less secure.

Jeff
 
Hi,

I always thought usernames were not case sensitive, guess that's windows only :)

Altough,
After searching some more. It seems dovecot also ignores uppercase letters when authenticating.
I also found that it's exim.pl that does the authentication for exim.
I now changed some code in exim.pl so it lowercases the input username and the comparing username.

I will post this in another thread for discussion.

thanks,
Stijn

edit: Thread created.
 
Last edited:
G'day Jeff, I read the new Spamblocker 4.2 notes, regarding "Version 4.2 should be used with the latest version of exim.pl" no later than the date of spamblocker release, so I was thinking that I would update to Exim 4.80.1 and not Exim 4.82
http://files.directadmin.com/services/custombuild/exim-4.80.1.tar.gz dated 26-Oct-2012
Have you had any confirmations its fine on Exim 4.82 otherwise to be sure I may just update to 4.80.1
 
For a bit more clarification: SpamBlocker 4.x should run with any Exim 4.x version. And I always suggest people use the latest exim.pl.

However I don't always keep it up with the latest DirectAdmin changes to their distribution, as long as I don't need the functionality.

There'll probably be another version, due some time in 2014, and after that I'll probably give it up to the community.

But of course anyone can take it and fork it now.

Jeff
 
Unfortunately I really don't keep traack of changes to DirectAdmin's version, so I don't know.

If anyone else has kept track perhaps they'll post.

Perhaps if you or someone else can post a list of all changes to DirectAdmin's version since they first started using an earlier copy of SpamBlocker, then I can find the missing features and make sure they're all added.

Or perhaps someone else can take the time to look through my version and compare it with the DirectAdmin official version and tell me what needs to be added.

Jeff
 
Back
Top