> I'm testing the spamhaus.org spam reduction stuff - just adding
> warnings for now till I'm sure it works ok. Seems to pick up most of
> the spam and no false positive yet.
That's one I'd recommend for everyone. They have known spam gangs. It's my
primary. however, list.dsbl.org catches tons as well. I'm using 8 RBLs,
it's rare I see one from spews (my last one, they're similar to spamhaus,
but I don't know what their listing policy is compared to spamhaus)
> In my logs I now get messages of attempts to send mail, but no
> disconnection/ completion messages for that attempt.
>
> 2003-05-05 18:47:56 no host name found for IP address
> 66.118.181.73
> 2003-05-05 18:47:58 H=(nizwun.com) [66.118.181.73] Warning: found
> in sbl.spamhaus.org
>
> It seems as if the connection just vanished into thin air. Netstat also
> does not report any "live" connection on this domain.
That seems normal. Check the rejectlog.
I use this in my config for logging:
log_selector = -queue_run +smtp_connection +smtp_syntax_error +delivery_size \
+incoming_interface -retry_defer +smtp_connection +smtp_protocol_error
^^^^^^^^^^^^^^^^
That will log for each connection (before ACLs)
> My ACL line in the standard Exim config is below:
>
> warn message = X-Warning: $sender_host_address is in a black
> list at $dnslist_domain
> log_message = found in $dnslist_domain
> dnslists = sbl.spamhaus.org
>
> Is this normal behaviour, or is there something to worry about?
If this is only a warn, no, this is not normal to drop the connection or
drop the message.
Which exim version are you using? Are you sure you don't have another acl
that's dropping the connections?
You can try this:
exim -bh 66.118.181.73