Ok, it looks like i didnt setup the config files correctly, to block both dialups and relays i put this in my config file, did the
test, and the test failed
# reject messages whose sending host is in MAPS/RBL & MAP/DUL
# add warning to messages whose sending host is in RSS
rbl_domains = blackholes.mail-abuse.org/reject : \
dialups.mail-abuse.org/reject : \
relays.mail-abuse.org/warn
# check all hosts other than those on internal network
rbl_hosts = !192.168.0.0/24:0.0.0.0/0
# but allow mail to postmaster@??? even from rejected host
recipients_reject_except = postmaster@???
# change some logging actions (collect more data)
rbl_log_headers true # log headers of accepted RBLed messages
rbl_log_rcpt_count false # log recipient info of accepted RBLed messages
xxxxxxxxxxxxxxxx
On Sat, 9 Feb 2002, Jeroen Valcke wrote:
> I configured Exim to reject some messages when the mailserver appears in
> blackhole lists ala www.ordb.org (also www.spamhaus.org)
> I searched throught the exim logs but can't find any rejected messages.
> Checked the main exim log and the reject log. How can I distinguish
> rejected msgs in the logs?
The rejected logs from (the mainlog) look like:
2002-02-03 19:06:35 recipients refused from [195.17.242.40] (RBL
relays.ordb.org)
The rejectlog has same format, e.g.:
2002-02-03 14:45:00 recipients refused from chaca1.interonda.com.ar
[200.5.116.82] (RBL relays.ordb.org)
So grep for "RBL".
Jeremy C. Reed
p.s. RBL works great!
./rblstats < /var/log/exim/exim_mainlog
Top 10 bad mail servers blocked:
1493 65.121.184.26
505 216.38.221.91
343 209.145.65.12
298 195.117.20.130
210 216.34.72.68
182 216.34.74.50
146 64.37.114.73
139 216.220.10.123
130 64.37.121.131
125 64.37.114.78
Total 2942 bad mail servers blocked.
Refusals per Realtime Blackhole List:
7629 relays.ordb.org
4156 spews.relays.osirusoft.com
1417 inputs.orbz.org
Total 13202 bad mail server connections refused.
--
## List details at
http://www.exim.org/mailman/listinfo/exim-users Exim details at
http://www.exim.org/ ##
