Re: [Exim] RBL logging

Top Page
Delete this message
Reply to this message
Author: tsh
Date:  
To: exim-users
Subject: Re: [Exim] RBL logging
>On Thu, 7 Nov 2002 tsh@??? wrote:
>
>> Although I know a mail msg was rejected by the dnslists ACL
>> (the sender complained), I didnt get a message in the exim log.
>> The exim bible says that in the absence of a 'log_message' modifier,
>> 'message' is used, but I get nowt. Do I need to explicitly
>> set a log_message modifier here? (Nothing changes in
>> the output from an exim -bh run if I do).
>>
>> ACL fragment:
>>
>> deny    message       = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
>>         dnslists      = rbl-plus.mail-abuse.ja.net

>
>What do you actually see in a -bh run?


This. I know the incoming msg was rejected because the sender
faxed us a copy of the '550 rejected' msg.

Cheers,
Terry.


[root@server1 exim]# ./bin/exim -bh 195.6.207.1

**** SMTP testing session as if from host 195.6.207.1
**** but without any ident (RFC 1413) callback.
**** This is not for real!

>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 195.6.207.1
>>> IP address lookup failed: h_errno=1
>>> host in host_reject_connection? no (option unset)
>>> sender host name required, to match against *.mrc-lmb.cam.ac.uk
>>> host in sender_unqualified_hosts? no (failed to find host name)
>>> sender host name required, to match against *.mrc-lmb.cam.ac.uk
>>> host in recipient_unqualified_hosts? no (failed to find host name)
>>> host in helo_verify_hosts? no (option unset)
>>> host in helo_try_verify_hosts? no (option unset)
>>> host in helo_accept_junk_hosts? no (option unset)

220 server1.mrc-lmb.cam.ac.uk ESMTP Exim 4.10 Fri, 08 Nov 2002 09:51:27 +0000
mail from:tsm2@???
250 OK
rcpt to:tsh@???
>>> using ACL "acl_check_rcpt"
>>> processing "accept"
>>> check hosts = :
>>> host in ":"? no (end of list)
>>> accept: condition test failed
>>> processing "accept"
>>> check hosts = *.mrc-lmb.cam.ac.uk
>>> sender host name required, to match against *.mrc-lmb.cam.ac.uk
>>> host in "*.mrc-lmb.cam.ac.uk"? no (failed to find host name)
>>> accept: condition test failed
>>> processing "deny"
>>> check local_parts = ^.*[@%!/|] : ^\\.
>>> tsh in "^.*[@%!/|] : ^\."? no (end of list)
>>> deny: condition test failed
>>> processing "accept"
>>> check local_parts = postmaster
>>> tsh in "postmaster"? no (end of list)
>>> accept: condition test failed
>>> processing "require"
>>> check verify = sender
>>> cus.cam.ac.uk in "*"? yes (matched "*")
>>> tsm2@??? in "*@*"? yes (matched "*@*")
>>> cus.cam.ac.uk in "mrc-lmb.cam.ac.uk"? no (end of list)
>>> tsm2@??? in "*@mrc-lmb.cam.ac.uk"? no (end of list)
>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>> routing tsm2@???
>>> cus.cam.ac.uk in "@ : mrc-centre.cam.ac.uk : mrc-lmb.cam.ac.uk : *.mrc-lmb.cam.ac.uk"? no (end of list)
>>> cus.cam.ac.uk in "! +local_domains"? yes (end of list)
>>> calling send_to_smart_host router
>>> cus.cam.ac.uk in "*"? yes (matched "*")
>>> fully qualified name = ppsw.cam.ac.uk
>>> ppsw.cam.ac.uk 131.111.8.12
>>> ppsw.cam.ac.uk 131.111.8.13
>>> ppsw.cam.ac.uk 131.111.8.14
>>> routed by send_to_smart_host router
>>> ----------- end verify ------------
>>> require: condition test succeeded
>>> processing "deny"
>>> check dnslists = rbl-plus.mail-abuse.ja.net
>>> DNS list check: rbl-plus.mail-abuse.ja.net
>>> new DNS lookup for 1.207.6.195.rbl-plus.mail-abuse.ja.net
>>> DNS lookup for 1.207.6.195.rbl-plus.mail-abuse.ja.net succeeded
>>> => that means 195.6.207.1 is listed at rbl-plus.mail-abuse.ja.net
>>> deny: condition test succeeded

550 rejected because 195.6.207.1 is in a black list at rbl-plus.mail-abuse.ja.net
LOG: H=[195.6.207.1] F=<tsm2@???> rejected RCPT tsh@???: rejected because 195.6.207.1 is in a black list at rbl-plus.mail-abuse.ja.net





>
>--
>Philip Hazel            University of Cambridge Computing Service,
>ph10@???      Cambridge, England. Phone: +44 1223 334714.

>
>
>--
>
>## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>