spamhaus doesn't work?

S

santovito

Verified User
Joined
Nov 23, 2008
Messages
143
Hi to all,

I've some new machines with OS centos 7 minimal. I've set "Use RBL Blocking" to "yes" in settings page. Now... if I testing Spamhaus setup, I've a problem in this new machines:

1. I send mail to "[email protected]"
2. I received me an email with this body: Uh-oh, you're SBL block is not working!
3. I received me an email with this body (part): 250 Accepted

my RBL list in exim.conf (for test spamhaus setup, i've delete "b.barracudacentral.org : "):

RBL_DNS_LIST=\
cbl.abuseat.org : \
bl.spamcop.net : \
zen.spamhaus.org : \
hostkarma.junkemailfilter.com=127.0.0.2

Someone with same problem?

Vito
 
Hello.

Yes got the same issue but I think it is the way of testing they are doing is not quite correct.
Just do a search in your /var/log/exim/mainlog for entry's with spamhaus.org and if everything is ok you will find mail being blocked by spamhaus.
 
Hmmz... I don't know then and don't understand either. I tried this afternoon. When disabling the other RBL's I receive the 2 emails.
1 is saying Uh-oh, you're SBL block is not working
The second one was the report, which also contained a sentence which questioned if it would be a good thing that I received that mail.

However, in my logs I do see blocks from spamhaus also from today:
Code: 
2017-07-01 09:14:52 H=(grupobira.info) [104.237.202.52] F=<[email protected]> rejected RCPT <[email protected]>: Email blocked by zen.spamhaus.org
So well.... I don't understand either. Maybe somebody else can explain why the test will work with an older exim version.
 
Hello,

The testing email which goes through RBL check pretends to be a bounce email, since that it's not rejected by new Exim.

Line 376 in exim.conf 4.5.x:

Code: 
  # Remaining Mailer-Daemon messages must be for us
    accept senders = :
           domains = +relay_domains

goes before RBL checks and allows emails with '<>' empty senders, i.e. emails from Mailer-Daemon, i.e. bounced emails.

if you comment the two lines you will probably get the same results as I:

Code: 
2017-07-03 01:25:40 H=sbl.crynwr.com [192.203.178.107] F=<> rejected RCPT \
<[email protected]>: Email blocked by zen.spamhaus.org
 
You must log in or register to reply here.
Back
Top