SpamBlocker3 exim.conf file now ready for Beta testing

Status
Not open for further replies.

icepick

Verified User
Joined
Aug 19, 2005
Messages
122
Location
Auckland, New Zealand
SpamBlocker3 eixm.conf with ClamAV support has been tested with the ClamAV installation described here, but with the latest version of ClamAV as described here.
I followed the instructions and things appear to be working semi, I downloaded the latest exim.pl and exim.conf and modified them using kdiff to see what had changed from my previous version.

It would appear that exim doesn't like the demime stuff, I had to hash it all out, what will this do and will it be a problem, see one of the errors:

Code:
2008-04-07 20:16:12 Exim configuration error in line 688 of /etc/exim.conf:
  error in ACL: unknown ACL condition/modifier in "demime = *"
 

wallacetan

Verified User
Joined
Mar 27, 2007
Messages
10
Should not deny at SMTP HELO stage

$sender_helo_name should be checked at SMTP RCPT stage.

See url: http://www.exim-users.org/forums/archive/index.php/t-272.html
"Attempting a deny at the HELO stage in my experience has not worked... you
normally can get a good result at the RCPT ACL stage though."

rejecting based on HELO
http://www.gossamer-threads.com/lists/exim/users/20870?search_string=deny helo rcpt;#20870

HELO syntax check at RCPT
http://www.gossamer-threads.com/lists/exim/users/31266?search_string=deny helo rcpt;#31266

Code:
acl_check_helo:
#accept email originating on this server unconditionally
  accept  hosts = @[] : @
	endpass

# DO NOT UNCOMMENT SECTION BELOW; IT IS IN WORK AND DOESN'T YET WORK PROPERLY
#  deny  condition = ${if and{\
#          {isip{$smtp_command_argument}}\
#          {match_ip{$smtp_command_argument}{@[]}}\
#          } {yes}{no}}
#        message = How can you possibly have my IP address?
#	 delay   = 30s

# IF YOU CHECK FOR VALID HELO:
#  UNCOMMENT THIS SECTION
# WARNING THIS IS UNTESTED AND MAY BREAK ABILITY FOR USERS TO SEND EMAIL THROUGH YOUR SERVER
#   deny message = Single word server helo name ($sender_helo_name) rather than a FQDN.
#        condition = ${if ! match {$sender_helo_name}{\N^[^.].*\.[^.]+$\N}}
#   deny message = IP# server helo name ($sender_helo_name) rather than a FQDN.
#        condition  = ${if match {$sender_helo_name} {^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\$|^\[[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\]\$} {yes}{no}}
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
I'm working with John this month on some recent changes. Soon? Soon.

Jeff
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
Still busy. It's on my todo list to get another candidate up as soon as possible.

Jeff
 

Auraka

Verified User
Joined
Jul 12, 2004
Messages
34
You may want to remove dsbl from your rbl checks since it is now defunct.
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
I'm making changes quite often now, but wil try to take the time to post my own copy of the file (which I change often) after it's been up a few days with the latest changes.

I suppose it's time to do a feature lock and a release candidate.

Jeff
 

Willis

Verified User
Joined
Dec 31, 2005
Messages
39
I'm using the latest script for dovecot.

I've made two modifications:
1) opened an extra smtp port
2) Enabled (uncommented) the entire spamassassin section.

Everything works, however, spamassassin, when a message is marked as spam repeatedly delivers the same message to the spam box multiple times, and the number of times is always random, sometimes twice, sometimes as many as 8 times, sometimes just once. At first I thought it was just spammers being stupidly persistent, but today a valid email got caught by it, which I know was only sent once, and it multiplied into 8 separate messages. Any idea what could cause this?

I just updated everything via custombuild 1.1 and re-updated spamassassin, and the problem still persists.

OS is CentOS 5.2 x64, Dovecot 1.1.7, Exim 4.67, SpamAssassin 3.2.5, Perl 5.8.8

Any input would be appreciated.
 

evil_smurf

Verified User
Joined
Mar 3, 2006
Messages
123
Jeff,

I have modified my copy of spamblocker 2 to allow for multiple IP's to be the remote smtp address depending on what domain on the box is being used to send the email.

If you are interested in how I did this, feel free to message me and we can talk :)
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,797
I have modified my copy of spamblocker 2 to allow for multiple IP's to be the remote smtp address depending on what domain on the box is being used to send the email.
Care to share with the rest of us or is this going to be closed source?
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,797
I have modified my copy of spamblocker 2 to allow for multiple IP's to be the remote smtp address depending on what domain on the box is being used to send the email.
Are you using a static file with a list of domain to ip mappings or are you doing a live dns lookup?
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
Neither. It's good clean code and it works. Evil_Smurf has sent it to me but didn't give me permission to share it, so hopefully he'll be back here to respond, or he'll contact me with permission to share it here.

Jeff
 

floyd

Verified User
Joined
Mar 29, 2005
Messages
5,797
Ok well here is code that I found and it does work

exim.conf:
Code:
remote_smtp:
  driver = smtp
  interface = ${lookup{$sender_address_domain}lsearch{/etc/virtual/interfaces} {$value}{xxx.xxx.xxx.xxx}}
/etc/virtual/interfaces has the domains and ip addresses listed in this format:

Code:
domain1.com: xxx.xxx.xxx.xxx
domain2.com: xxx.xxx.xxx.xxx
The xxx.xxx.xxx.xxx in the exim.conf is the default ip in case the domain being used is not listed in the interfaces file.

More info here http://www.mail-archive.com/exim-users@exim.org/msg25906.html

I would like to have a better way of reading the domains but this works for me. I can have a script that sets up the interfaces file in a few seconds.
 

nobaloney

NoBaloney Internet Svcs - In Memoriam †
Joined
Jun 16, 2003
Messages
26,119
Location
California
At some point after the new file comes out, and is hopefully accepted by John and Mark to become part of DirectAdmin, I'd expect at least one commercial or free plugin to be made available.

Jeff
 

evil_smurf

Verified User
Joined
Mar 3, 2006
Messages
123
Yep, that's what I found myself and shared with Jeff.

I'd like to see DA keep a file like this on its own. That would be kind of nice.
 
Status
Not open for further replies.
Top