Re: [Exim] Whitelisting RBL positives

Author: Jerry Jorgenson
Date:
To: exim-users
Subject: Re: [Exim] Whitelisting RBL positives

On Sat, 19 Jul 2003 23:09:44 -0400 (EDT)
Richard Welty <rwelty@???> wrote:

> On Sat, 19 Jul 2003 21:43:40 -0500 Jerry Jorgenson <jerry@???>
> wrote:
>
> > Folks,
> >
> > I have some incoming domains that I need to let through even though
> > they are in RBL lists. While I can allow them in by:
> >
> > accept hosts = /etc/mail/allow_access_list > > deny dnslists = relays.ordb.org : sbl.spamhaus.org

> >
> > This lets them through, but has the unfortunate effect of making an
> > open relay for every host listed in /etc/mail/allow_access_list,
>
> accept hosts = /etc/mail/allow_access_list > domains = +local_domains

>
> cheers,
> richard

On Sat, 19 Jul 2003 23:09:44 -0400 (EDT)
Marcus Frischherz <marcus@???> wrote:

> I dunno.. I have done it thus:
>
> #[ global section] > hostlist rbl_hosts = \ > ! /etc/mail/allow_access_list > 0.0.0.0/0

>
> #[acl] > deny hosts = +rbl_hosts > message = host is listed in $dnslist_domain > log_message = Listed in $dnslist_domain. > dnslists = dnsbl.njabl.org : \ > sbl.spamhaus.org: \ > relays.ordb.org : \ > relays.osirusoft.com : \ > dnsbl.sorbs.net : \ > list.dsbl.org:

>
> greetings,
>
> Marcus

Thanks Richard and Marcus, but I still get denyed because of RBL with both
solutions and Marcus' solution also stops mail going out. Perhaps I didn't
give enough of the acl. It's all the standard stuff except for the
dnslists part. FWIW, I also notice that the $dnslist_domain and
$dnslist_text variables are always blank. This is Exim 4.20

#[ global section ]

domainlist local_domains = @ : j3iss.com
domainlist relay_to_domains =
hostlist relay_from_hosts = 127.0.0.1 : 206.54.173.0/24

#[ acl section ]
acl_check_rcpt:

accept hosts = : 206.54.173.0/24

  deny    hosts = /etc/mail/deny_access_list
          log_message = found in deny_access_list
          message = 550 We don't accept mail from spammers.

  deny    local_parts   = ^.*[@%!/|]
  accept  local_parts   = postmaster
          domains       = +local_domains
  require verify        = sender

  accept  hosts         = /etc/mail/allow_access_list
  deny    dnslists      = relays.ordb.org : sbl.spamhaus.org
  deny    message       = rejected because $sender_host_address is in a
black list at $dnslist_domain\n$dnslist_text
  log_message           = found in RBL $dnslist_domain

  accept  domains       = +local_domains
          endpass
          message       = unknown user
          verify        = recipient

  accept  domains       = +relay_to_domains
          endpass
          message       = unrouteable address
          verify        = recipient

  accept  hosts         = +relay_from_hosts
  accept  authenticated = *
  deny    message       = relay not permitted

Jerry

--
Jerry Jorgenson
jerry@???
http://www.j3iss.com/

This message is part of the following thread:
	the complete thread tree sorted by date
	Marcus Frischherz at
	Adam D. Barratt at