SpamBlocker-Powered exim.conf, Version 4

I dont think there would be any, but i may be wrong.

Some time ago i did sent you my exim.conf based on your SB4.1 (or 4.2 not sure) that was working pretty fine.

I suppose i'll implement greylist with /24 subnet as seen on another thread for better "compatibility" with greylist cause i did had to deactivate that since google mail was going to never arrive (since they try send each time with a different IP).

Regards
 
Thanks for reminding me, SeLLeRoNe. Pleasel remember to write me again when I open up a thread on requeested changes to the next version. I'll want everything in one place; to make it as easy as possible. It may ending up having a lot of changes and additions, and I'd like it to be as easy as possible.

Jeff
 
I'm having issues with an Exchange server unable to send auto reply messages to users on my directadmin box
Looking at the Exchange server logs te only difference is that the auto reply messages have and empty MAIL FROM:<>
Could it be that DA/Exim/Spamblocker is blocking empty senders?
 
Sure it could be. Is your Exchange server logging the reason that SpamBlocker gives when it refuses a message? If not, then check the Spamblocker exim.conf reject log at /var/log/exim/rejectlog for complete information.

Jeff
 
This is wat exchange tells me:

Code:
2014-01-13T12:55:51.411Z,SMPT aaa.com,08D0DE759EE639E1,15,10.1.1.13:35673,79.170.90.235:25,>,EHLO AAA.local,
2014-01-13T12:55:51.416Z,SMPT aaa.com,08D0DE759EE639E1,16,10.1.1.13:35673,79.170.90.235:25,<,250-vps05.xxx.nl Hello AAA.local [37.74.xxx.xxx],
2014-01-13T12:55:51.416Z,SMPT aaa.com,08D0DE759EE639E1,17,10.1.1.13:35673,79.170.90.235:25,<,250-SIZE 20971520,
2014-01-13T12:55:51.416Z,SMPT aaa.com,08D0DE759EE639E1,18,10.1.1.13:35673,79.170.90.235:25,<,250-8BITMIME,
2014-01-13T12:55:51.416Z,SMPT aaa.com,08D0DE759EE639E1,19,10.1.1.13:35673,79.170.90.235:25,<,250-PIPELINING,
2014-01-13T12:55:51.416Z,SMPT aaa.com,08D0DE759EE639E1,20,10.1.1.13:35673,79.170.90.235:25,<,250-AUTH PLAIN LOGIN,
2014-01-13T12:55:51.416Z,SMPT aaa.com,08D0DE759EE639E1,21,10.1.1.13:35673,79.170.90.235:25,<,250 HELP,
2014-01-13T12:55:51.417Z,SMPT aaa.com,08D0DE759EE639E1,22,10.1.1.13:35673,79.170.90.235:25,*,12,sending message
2014-01-13T12:55:51.417Z,SMPT aaa.com,08D0DE759EE639E1,23,10.1.1.13:35673,79.170.90.235:25,>,MAIL FROM:<> SIZE=2667,
2014-01-13T12:55:51.417Z,SMPT aaa.com,08D0DE759EE639E1,24,10.1.1.13:35673,79.170.90.235:25,>,RCPT TO:<[email protected]>,
2014-01-13T12:55:51.420Z,SMPT aaa.com,08D0DE759EE639E1,25,10.1.1.13:35673,79.170.90.235:25,<,250 OK,
2014-01-13T12:55:51.420Z,SMPT aaa.com,08D0DE759EE639E1,26,10.1.1.13:35673,79.170.90.235:25,<,550 We didn't send the message,
2014-01-13T12:55:51.421Z,SMPT aaa.com,08D0DE759EE639E1,27,10.1.1.13:35673,79.170.90.235:25,>,QUIT,
2014-01-13T12:55:51.425Z,SMPT aaa.com,08D0DE759EE639E1,28,10.1.1.13:35673,79.170.90.235:25,<,221 vps05.bbb.nl closing connection,
2014-01-13T12:55:51.425Z,SMPT aaa.com,08D0DE759EE639E1,29,10.1.1.13:35673,79.170.90.235:25,-,,Local

This is wat exim tells me (rejectlog):
Code:
2014-01-13 13:59:54 H=(AAA.local) [37.74.xxx.xxx] F=<> rejected RCPT <[email protected]>: We didn't send the message

Normal outgoing mail is working just fine. It's just the empty sender auto reply...
Oh, I might need to mention that exchange server is using my da box as outgoing server.
 
Presuming the latest version of Spamblocker (4.x), under Edit#26:
Code:
  # Deny all Mailer-Daemon messages not for us:
  deny message = We didn't send the message
       senders = :
       domains = !+relay_domains
You can comment out tis entire section to accept the messages, but note that Exchange is being refused access because DirectAdmin has checked your list of relay_domains (/etc/virtual/domains plus localhost) and found that it doesn't handle email for the recipient to which Exchange wants to send the email.

To whom is Exchange trying to return the email? Is it a recipient on your server? If not, then DirectAdmin shouldn't be accepting the email because it has nowhere to send it if it cannot deliver it, and cannot send it back to the original sender because there isn't one.

If the recipient is not on your server, why does Exchange think it is?

Jeff
 
Announcing the next version...

Within the next day or two I'm going to post some suggestions for the next version of SpamBocker exim.conf for DirectAdmin.

I'm going to be working with John (DirectAdmin Support) to create a single fused file with the best of the stock DirectAdmin exim.conf file, and my most recent file (unreleased; the one I use on my domain).

Afterwards I'll be soliciting ideas for additions and changes.

Watch for an entire new section, for SpamBlocker Version 5.

Once we decide on a final Version 5, hopefully DirectAdmin will use it as standard, and integrate it into CustomBuild.

Then we can build a team (I'll moderate it until someone else will step up to the job) to keep it updated.

Finally :).

Jeff
 
Please send me a PM once you start the thread so i can search/put suggestions to put in there.

Im not expert con exim.conf file, but, i can help testing things.

Regards
 
Jeff / John,

It's good to know that the SpamBlocker development still active, thanks for your efforts.

We use the latest version (4.2) with some customizations and would like to help testing, suggesting possible improvements and to keep it update.
 
@SeLLeRoNe, @ unihostbrasil:

Here is not the time to ask me these things. If you're already subscribed to this subforum you'll be notified when I most a message here that the new subforum is ready. If not, do so now :).

Jeff
 
Please remove "localhost" from relay_domains and "127.0.0.1" from relay_hosts for better security in SpamBlocker 4.2.1. Thank you.
 
Please remove "localhost" from relay_domains and "127.0.0.1" from relay_hosts for better security in SpamBlocker 4.2.1. Thank you.
Did you mean this for me, Martynas? I've used it for years and have never seen it cause a problem. Can you point me to a discussion. I know that the DirectAdmin and I officially differ on the inclusion, but I'd like to know more about why.

My understanding is that if I take it out some users may need to make changes to their mailing systems for automated emails to go out. Am I wrong?

Thanks.

Jeff
 
They would still be allowed to use mail() with no password or send mails using SMTP authentication. Currently you allow sending mails using SMTP with no authentication from localhost and SMTP should never be used with no auth. That just increases the amount of outgoing SPAM.
 
Okay; I'll change it in the next release; scheduled for within the next 24 hours.

I'll announce it here.

Jeff
 
SpamBlocker 4.2.2 has been released with several changes:

1) User vacation and user autoreply code have both been enhanced to only send the automatic reply once every 2 days.

2) The PayPal check to block emails which say they're from PayPal but aren't sent by a server in the paypal.com domain has been commented out because it will break forwarding and because all email from PayPal doesn't come from the PayPal domain.

3) Localhost and 127.0.0.1 have been removed from relay_domains and relay_hosts to block unauthentcated smtp email relaying from the server.

Jeff
 
I installed SpamBlocker and Roundcube got problem sending mail.
The fix was adding "disable_ipv6 = yes" to exim.conf

Error message:

2014-05-23 10:54:31 H=localhost (server.domain.com) [::1] rejected EHLO or HELO server.domain.com: Bad HELO - Host impersonating hostname [server.domain.com]
2014-05-23 10:54:31 H=localhost (server.domain.com) [::1] rejected EHLO or HELO server.domain.com: Bad HELO - Host impersonating hostname [server.domain.com]

Mats
 
Last edited:
Hi Jeff,

I think there is a small error in the readme or in the config:
#Edit 38# is enabled in the exim.conf by default but the readme says: By default we do NOT require sender verification. If you do not want to require sender verification....

The idea behind the setting/function is nice but I just disabled it as it also rejects legitimate mail. The mails that got rejected are monitor-able and fix-able for incoming mail for only our own domain (and from senders we maintain, like other DA servers), but not for shared hosting servers that receive thousands of mails per day from all over the world.
 
Back
Top