Re: [Exim] Blocking incessant relay testers with Exim 4

Page principale
Supprimer ce message
Répondre à ce message
Auteur: volker augustin
Date:  
À: exim-users
Sujet: Re: [Exim] Blocking incessant relay testers with Exim 4
"Dave C." wrote:

> On Wed, 12 Jun 2002, volker augustin wrote:
>
> > hi,
> >
> > i need help with useing RBLs and exim 4, i want to stop relaying .....
> > i put
> >
> > hostlist relay_from_hosts = ! ${lookup pgsql{SELECT host FROM
> > host_blacklist where aktiv=1 group by host}{$value}fail}
> > acl_smtp_rcpt = acl_check_rcpt
> >


hmmm this sql-lookup works fine, i see it in the debug-output....


>
> > in the mainsection
> > and
> >
> > acl_check_rcpt:
> >
> > #  accept  hosts = :
> >   deny    local_parts   = ^.*[@%!/|]
> >   message = invalid characters in local part

> >
> >   accept  local_parts   = postmaster
> >           domains       = +local_domains
> >   require verify        = sender

> >
> >   accept  domains       = +local_domains
> >           endpass
> >           message       = unknown user
> >           verify        = recipient

> >
> >   accept domains        = +relay_to_domains
> >         endpass
> >         message         = unrouteable adress
> >         verify          = recipient

> >
> >     deny senders =  :

>
> You dont want this one This will prevent bounce messages from being
> delivered.
>


huh? did i missunderstand bou


>
> >     deny dnslists = blackholes.mail-abuse.org
> >             message = rbltest

>


but how can i test if a host is blacklisted and this acl is working?


> >
> >   accept  hosts         = +relay_from_hosts
> >     verify              = sender

> >
> >   accept authenticated  = *
> >   deny    message       = relay not permitted

> >
> > in the acl-section of exim, but i dont know if it works.... spammers
> > still relaying, my server is also listed now :(( how can i stop
> > spamming? i thought acl and rbl was the right way, but it doesnt work
> > for me....please please please help!
> >
> > ...and senders with an empty from-field <> are also relayed :(( how can
> > i stop this?
>
> An empty envelope sender is an indication of a bounce. You do NOT want
> to reject messages on that criteria.
>


hmmmm, but spam is send by this way? or isnt it? in a previous message i posted some of this spam, what i see
was:

some messageid... <== <>

and then it was relayed to so many addresses.......


>
> > i read so many howtos, docs and manpages, but im very confused now,
>
> Start over with a simpler ACL.
>
> Get rid of your MYSQL stuff, and see if it works without that. (Eg, just
> list your IP networks directly in the ACL. Be sure to only list YOUR IP
> networks, that you own/control.
>


ok, thats working now.


>
> Be sure to HUP (or restart) the exim daemon after making changes to your
> config file, so that it will see the changes.
>


done

>
> If that works, then your MYSQL query is probably hosed and you can start
> debugging there..
>
> > .....
> >
> > volker
> >
> >
> >
> > --
> >
> > ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##


> >
> >
>
> --