[Exim] How to check if exim uses DNSBLs

Top Page
Delete this message
Reply to this message
Author: Michael Jakscht
Date:  
To: exim-users
Subject: [Exim] How to check if exim uses DNSBLs

Hi,

it seems that our exim 4.14 DNSBL checking isn't working anymore...
I started exim -bh <ip> to see if it checks against BLs, but all of
them fail....
What did I do wrong? I didn't change anything regarding the ACL
check_mail in which I check the BLs...


=======================================
begin acl

acl_check_mail:
  deny    hosts         = !+local_networks : !+relay_from_hosts : !
+friends_with_entry_in_dnsbl
          dnslists      = relays.ordb.org : \
                          sbl.spamhaus.org : \
                          opm.blitzed.org : \


relays.osirusoft.com=127.0.0.3,127.0.0.6,127.0.0.7,127.0.0.8,127.0.0.9

: \

dnsbl.njabl.org=127.0.0.2,127.0.0.3,127.0.0.4,127.0.0.5,127.0.0.8,127.0.0.9

: \

blackholes.five-ten-sg.com=127.0.0.2,127.0.0.3,127.0.0.4,127.0.0.5,127.0.0.6,127.0.0.8,127.0.0.9

: \
                          spamguard.leadmon.net=127.0.0.2 : \
                          dynablock.wirehub.net=127.0.0.2
          message       = rejected because $sender_host_address is
in a black list at $dnslist_domain
          log_message   = rejected because $sender_host_address is
in a black list at $dnslist_domain
  accept  hosts         = *
=======================================



Now see this:

=======================================
mail:/etc/exim # exim -bh 210.7.88.83
=======================================
**** SMTP testing session as if from host 210.7.88.83
**** but without any ident (RFC 1413) callback.
**** This is not for real!

>>> sender host name required, to match against *.tle.de
>>> looking up host name for 210.7.88.83
>>> IP address lookup yielded hotwire-83-88-ind.hotwireindia.com
>>> no IP address found for host hotwire-83-88-ind.hotwireindia.com

LOG: no IP address found for host hotwire-83-88-ind.hotwireindia.com
>>> no IP addresses found for hotwire-83-88-ind.hotwireindia.com
>>> 210.7.88.83 does not match any IP address for

hotwire-83-88-ind.hotwireindia.com
>>> host in "/etc/exim/friends_with_broken_mx"? no (failed to find

host name for 210.7.88.83)
>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 210.7.88.83
>>> IP address lookup yielded hotwire-83-88-ind.hotwireindia.com
>>> no IP address found for host hotwire-83-88-ind.hotwireindia.com

LOG: no IP address found for host hotwire-83-88-ind.hotwireindia.com
>>> no IP addresses found for hotwire-83-88-ind.hotwireindia.com
>>> 210.7.88.83 does not match any IP address for

hotwire-83-88-ind.hotwireindia.com
>>> host in host_reject_connection? no (option unset)
>>> host in sender_unqualified_hosts? no (option unset)
>>> host in recipient_unqualified_hosts? no (option unset)
>>> sender host name required, to match against *.ewe.de
>>> host in helo_verify_hosts? no (failed to find host name for

210.7.88.83)
>>> sender host name required, to match against *.ewe.de
>>> host in helo_try_verify_hosts? no (failed to find host name for

210.7.88.83)
>>> no IP address found for host no

LOG: no IP address found for host no
>>> host in helo_accept_junk_hosts? no (failed to find IP address

for no)
220-Welcome to RZV - Rechenzentrum Verden GmbH.
220-This mailhub mail.vit.de is running SMTP/ESMTP with Exim 4.14
220-Today is Tue, 15 Apr 2003 09:07:10 +0200.
220-Please apologize that we do not respect spammers!
220 Happy mailing!
ehlo test
>>> test in helo_lookup_domains? no (end of list)
>>> host in pipelining_advertise_hosts? yes (matched "*")

250-mail.vit.de Hello test [210.7.88.83]
250-SIZE 12582912
250-PIPELINING
250 HELP
mail from:<>
>>> using ACL "acl_check_mail"
>>> processing "deny"
>>> check hosts = !+local_networks : !+relay_from_hosts : !

+friends_with_entry_in_dnsbl
>>> host in "172.16.1.0/24 : 172.16.2.0/24 : 192.168.200.0/24 :

172.27.81.0/24 : 172.16.200.1/32 : 213.69.199.224/27"? no (end of
list)
>>> gethostbyname looked up these IP addresses:
>>> name=rzvhostkdmz.vit.de address=172.27.200.1
>>> gethostbyname looked up these IP addresses:
>>> name=mnowak.vit.de address=172.16.1.50
>>> gethostbyname looked up these IP addresses:
>>> name=mjakscht.vit.de address=172.16.1.73
>>> gethostbyname looked up these IP addresses:
>>> name=rzvmail.vit.de address=213.69.199.243
>>> gethostbyname looked up these IP addresses:
>>> name=rzvnotes3.vit.de address=172.16.1.18
>>> gethostbyname looked up these IP addresses:
>>> name=nlbmail.vit.de address=172.16.1.26
>>> gethostbyname looked up these IP addresses:
>>> name=rzvftp.vit.de address=213.69.199.230
>>> gethostbyname looked up these IP addresses:
>>> name=rzvlog.vit.de address=172.16.1.42
>>> gethostbyname looked up these IP addresses:
>>> name=gatekeeper2.vit.de address=213.69.199.226
>>> name=gatekeeper2.vit.de address=172.16.1.14
>>> gethostbyname looked up these IP addresses:
>>> name=rzvlabwks.vit.de address=172.16.1.200
>>> gethostbyname looked up these IP addresses:
>>> name=rzvcms.vit.de address=213.69.199.238
>>> gethostbyname looked up these IP addresses:
>>> name=rzvforum.vit.de address=172.16.1.230
>>> gethostbyname looked up these IP addresses:
>>> name=rzvcms-backup.vit.de address=213.69.199.239
>>> gethostbyname looked up these IP addresses:
>>> name=rzvdb.vit.de address=172.27.81.244
>>> host in "127.0.0.1 : rzvhostkdmz.vit.de : mnowak.vit.de :

mjakscht.vit.de : rzvmail.vit.de : rzvnotes3.vit.de : nlbmail.vit.de
: 213.69.199.226 : 192.168.200.0/24 : rzvftp.vit.de : rzvlog.vit.de
: gatekeeper2.vit.de : rzvlabwks.vit.de : rzvcms.vit.de :
rzvforum.vit.de : rzvcms-backup.vit.de : rzvdb.vit.de"? no (end of
list)
>>> sender host name required, to match against *.herdbooks.lu
>>> host in "/etc/exim/friends_with_entry_in_dnsbl"? no (failed to

find host name for 210.7.88.83)
>>> host in "!+local_networks : !+relay_from_hosts : !

+friends_with_entry_in_dnsbl"? yes (end of list)
>>> check dnslists = relays.ordb.org : sbl.spamhaus.org :

opm.blitzed.org :
relays.osirusoft.com=127.0.0.3,127.0.0.6,127.0.0.7,127.0.0.8,127.0.0.9

:
dnsbl.njabl.org=127.0.0.2,127.0.0.3,127.0.0.4,127.0.0.5,127.0.0.8,127.0.0.9

:
blackholes.five-ten-sg.com=127.0.0.2,127.0.0.3,127.0.0.4,127.0.0.5,127.0.0.6,127.0.0.8,127.0.0.9

: spamguard.leadmon.net=127.0.0.2 : dynablock.wirehub.net=127.0.0.2
>>> DNS list check: relays.ordb.org
>>> new DNS lookup for 83.88.7.210.relays.ordb.org
>>> DNS lookup for 83.88.7.210.relays.ordb.org failed
>>> => that means 210.7.88.83 is not listed at relays.ordb.org
>>> DNS list check: sbl.spamhaus.org
>>> new DNS lookup for 83.88.7.210.sbl.spamhaus.org
>>> DNS lookup for 83.88.7.210.sbl.spamhaus.org failed
>>> => that means 210.7.88.83 is not listed at sbl.spamhaus.org
>>> DNS list check: opm.blitzed.org
>>> new DNS lookup for 83.88.7.210.opm.blitzed.org
>>> DNS lookup for 83.88.7.210.opm.blitzed.org failed
>>> => that means 210.7.88.83 is not listed at opm.blitzed.org
>>> DNS list check:

relays.osirusoft.com=127.0.0.3,127.0.0.6,127.0.0.7,127.0.0.8,127.0.0.9
>>> new DNS lookup for 83.88.7.210.relays.osirusoft.com
>>> DNS lookup for 83.88.7.210.relays.osirusoft.com failed
>>> => that means 210.7.88.83 is not listed at relays.osirusoft.com
>>> DNS list check:

dnsbl.njabl.org=127.0.0.2,127.0.0.3,127.0.0.4,127.0.0.5,127.0.0.8,127.0.0.9
>>> new DNS lookup for 83.88.7.210.dnsbl.njabl.org
>>> DNS lookup for 83.88.7.210.dnsbl.njabl.org failed
>>> => that means 210.7.88.83 is not listed at dnsbl.njabl.org
>>> DNS list check:

blackholes.five-ten-sg.com=127.0.0.2,127.0.0.3,127.0.0.4,127.0.0.5,127.0.0.6,127.0.0.8,127.0.0.9
>>> new DNS lookup for 83.88.7.210.blackholes.five-ten-sg.com
>>> DNS lookup for 83.88.7.210.blackholes.five-ten-sg.com failed
>>> => that means 210.7.88.83 is not listed at

blackholes.five-ten-sg.com
>>> DNS list check: spamguard.leadmon.net=127.0.0.2
>>> new DNS lookup for 83.88.7.210.spamguard.leadmon.net
>>> DNS lookup for 83.88.7.210.spamguard.leadmon.net failed
>>> => that means 210.7.88.83 is not listed at spamguard.leadmon.net
>>> DNS list check: dynablock.wirehub.net=127.0.0.2
>>> new DNS lookup for 83.88.7.210.dynablock.wirehub.net
>>> DNS lookup for 83.88.7.210.dynablock.wirehub.net failed
>>> => that means 210.7.88.83 is not listed at dynablock.wirehub.net
>>> deny: condition test failed
>>> processing "accept"
>>> check hosts = *
>>> host in "*"? yes (matched "*")
>>> accept: condition test succeeded

250 OK
=======================================




Why do all the BLs fail???

Michael