[Exim] Using ORDB with Exim 4.04

Top Page
Delete this message
Reply to this message
Author: William Craven
Date:  
To: exim-users
Subject: [Exim] Using ORDB with Exim 4.04
Hello....

I am attempting to use the ORDB Realtime Blackhole List in the ACL list
associated with SMTP RCPT command and it seems to have had no effect. A
message came through last night that was sent from an ORDB blocked site
and the header was not added.

The ACL set smtp_rcpt is as follows

smtp_rcpt:
  accept  hosts = :
  deny    hosts = +block_hosts
          message = host $sender_host_address is blocked by this server
  warn    dnslists = relays.ordb.org/warn
          message = X-RBL-Warning: [ORDB] possible SPAM see \
                http://www.ordb.org/lookup/?host=$sender_host_address
  accept  authenticated = *
  require verify = sender
  accept  domains = +local_domains
  accept  domains = +relay_domains
  accept  hosts = +relay_hosts
  deny    message = host $sender_host_address is not permitted to relay


The ACL in question is the "warn" ACL - and all I am doing is adding a
warning header if the message comes from the "bad" site.

The headers of the message that should have been flagged is as follows

>Delivery-date: Wed, 05 Jun 2002 19:43:10 -0700
>Received: from [208.34.34.98] (helo=Origin200)
>       by cheshire.ucs.ubc.ca with smtp (Exim 4.04)
>       id 17FnEy-0000zq-00
>       for nmc@???; Wed, 05 Jun 2002 19:43:08 -0700
>Received: from chem.cinvestav.mx (mail.horton-intl.com.au

[203.202.130.178]) by Origin200 (980427.SGI.8.8.8/980728.SGI.AUTOCF) via
ESMTP id VAA55154; Wed, 5 Jun 2002 21:43:40 -0500 (CDT)
>From: conniecorey@???
>Message-ID: <0000614944c4$000033fa$00002e2e@???>
>To: <munir57@???>, <monicalonn@???>,

<mythosboy@???>,
>        <muibitop@???>
>Cc: <mmjmc@???>, <olgmo@???>, <nancyori@???>,
>        <monapetersen@???>
>Subject: Make your prints beautiful & SAVE BIG!NR
>Date: Thu, 06 Jun 2002 22:48:25 -1600
>MIME-Version: 1.0
>Content-Type: text/plain
>Reply-To: conniecorey@???
>X-MIME-Autoconverted: from 8bit to quoted-printable by Origin200 id

VAA55154

As you can see we (cheshire.ucs.ubc.ca) received this message from
208.34.34.98 and this site is flagged by ORDB - see
http://www.ordb.org/lookup/?host=208.34.34.98

So why has the X-RBL-Warning: header not added to the message. Have I
configured the ACL incorrectly ?

Any pointers would be much appreciated.

Thanks

Wm.
--
William Craven
ITServices                Email:    William.Craven@???
University of British Columbia        Tel:    +1-604-822-8955
Vancouver, BC, Canada V6T 1Z2        Fax:    +1-604-822-5116