I followed these instructions by removing the # from the front of rb_domains.... and I then restarted exim but it failed with an error message about rbl_domains

Should I have done something else?

Thanks
Steve

# Exim contains support for the Realtime Blackhole List (RBL) that is being
# maintained as part of the DNS. See http://mail-abuse.org/rbl/ for background.
# Uncommenting the first line below will make Exim reject mail from any
# host whose IP address is blacklisted in the RBL at blackholes.mail-abuse.org.
# Some others have followed the RBL lead and have produced other lists: DUL is
# a list of dial-up addresses, and there are also a number of other lists
# of various kinds at orbs.org.

# rbl_domains = blackholes.mail-abuse.org

http://www.exim.org/exim-html-4.20/doc/html/spec_37.html#IX2185

deny dnslists = blackholes.mail-abuse.org : \
dialups.mail-abuse.org

rbl_domain is an exim 3 command, left over from the old exim.conf

John

Does that mean that I need to get a new exim.conf and install it?

Or just add the line that you kindly gave me?

Steve

Just add the line. The "leftover" commands are from the exim.conf version converter we used back when we upgraded to exim 4. Since it was commented out, the converter left it in the new file.

John

Just read the doc you point out and I put the exact code into Exim and got the error below about "deny"

Starting exim: 2004-03-09 14:48:06 Exim configuration error in line 211:
main option "deny_dnslists" unknown

and

Starting exim: 2004-03-09 14:48:06 Exim configuration error in line 211:
main option "deny " unknown

Hello,

That's an access control list.. so it would probably have to go in the "check_recipient:" secion of th acl.

John

I'm almost ready to release my exim.conf file, which uses both spamassassin and RBLs on a domain-by-domain basis.

The only thing left to do is document the whole mess, since it's a complete rewrite.

Jeff

Originally posted by DirectAdmin Support
Hello,

That's an access control list.. so it would probably have to go in the "check_recipient:" secion of th acl.

John

Ok... time to work on the communication skills again :D

Probably or it does go there? Which is it? When I added the line under the 'check_recipient' section and did an 'exim restart' it just hung up... nice.

I have searched and searched with no to little information regarding adding RBL's to Exim. Now I admit that I'm a Sendmail guy and am having to learn Exim but let's not make this so hard. Exim's docs aren't exactly the most enlightening I have read, but again, I'm not an Exim expert.

I, like many others, would like to add certain RBL's to Exim... spamcop, ordb..etc which have worked nicely for me via sendmail in the past (let's not get into a 'which rbl is best' discussion.

So.. instead of me becoming an Exim expert how about a How-To of what to add and where to add the code necessary for Exim to refer to certain rbl's?

What would be REALLY nice is a simple list of RBLs in the DA CP that you could simply check or uncheck to use either system wide or on a domain basis.

So, short of Jeff having to rewrite the exim.conf (muchas gracias Jeff) how about a How-To?

Thanks,

Hello,

Here's a nice, (untested) how-to :)

Make you /etc/exim.conf "check_recipient:" section (about line 264) look like this:


check_recipient:
deny dnslists = relays.ordb.org : \
sbl.spamhaus.org : \
opm.blitzed.org
accept hosts = :
accept domains = +local_domains
accept domains = +relay_domains
accept hosts = +relay_hosts
accept hosts = +auth_relay_hosts
endpass
message = authentication required
authenticated = *
deny message = relay not permitted
:)
John

Well... it didn't puke upon restart... I'll keep an eye on it.

Thanks!

Which log would Exim log any RBL hits to for spamcop, ordb..etc?

/var/log/exim/rejectlog ?

Just trying to see if this works.

Yes, I think it's the reject log.

John

The /var/log/exim/rejectlog contains log information for everything rejected by ACLs.

My new exim.conf file uses a different logging format, which I find very helpful.

It also has a manual blacklist you can add domains to; we use it for spammers who think they're legal, so it's okay for them to spam.

Jeff

When do we get the new exim.conf?

Do we upload it manually when released or just update DA

Thanks loads

Steve

To try and reduce the spam problem as I am receiving a lot of emails to non-existant email addresses on the server I tried to enable receiver_verify as the comments say

"Unknown recipients are then rejected at this stage, and the generation of a failure message is the job of the sending host."

Lovely I thought - let them get the load in rejecting messages

But when I restarted Exim it complained loudly about receiver_verify being unknown..

How do we enable this excellent feature in Exim 4?

Thanks

Originally posted by locateMe
When do we get the new exim.conf?
As soon as I finish documenting it and finding "loose ends".

For example, the "receiver_verify" which you wrote about in your most recent email.

It takes time to track through all the possible options I've got in my exim.conf file but have left commented out, and see what unintended things could happen if I uncomment them.

Do we upload it manually when released or just update DA
You can do either.

If you want, you can download it when I've finished documenting it, install it, create the few extra files it requires in /etc/virtual, restart exim, and use it immediately, as I do.

Or you can wait until the DA team goes over it, makes whatever changes they want, and creates a "front-end" control panel interface for it.

It's entirely up to you.

Jeff

Originally posted by locateMe
To try and reduce the spam problem as I am receiving a lot of emails to non-existant email addresses on the server I tried to enable receiver_verify as the comments say

"Unknown recipients are then rejected at this stage, and the generation of a failure message is the job of the sending host."
I know for a fact that my installation of exim rejects messages for nonexistent recipients even with receiver_verify commented out; I'm checking with Dr. Hazel (he wrote exim), but in the meantime leave it commented out.

What do you have checked under "catchall" for the domain? There are three options, and only one of them will reject email for unknown recipients.

Jeff

I have 'ignore' set in the catchall

However that's not the point is it? I don't want to return the message to the senders host with an email that say's user unknown. I want the SMTP process to reject it so that the senders host does that.

Or is that what it does (not an SMTP expert) LOL

STeve

DA, by default, runs exim in such a way that it refuses email at SMTP for undeliverable recipients.

Jeff

My brain must have been asleep yesterday morning.

receiver_verify and sender_verify were both part of exim 3 and are replaced by the rather complete (and alas, somewhat complex) acl (access control list) system in exim 4.

Jeff