Re: [Exim] Rbl checking

Página Inicial
Delete this message
Reply to this message
Autor: Tim Jackson
Data:  
Para: exim-users
Assunto: Re: [Exim] Rbl checking
Hi Jeff, on Tue, 30 Dec 2003 10:21:36 -0800 you wrote:

> My thanks to you, Tim, for the help you gave me offlist.


Not a problem. For the archives and anyone else similarly stuck, the short
version is this:

You probably want something like this:

 deny message = $sender_host_address is listed at $dnslist_domain
       hosts = !+relay_from_hosts
       !authenticated = *
       dnslists = list.dsbl.org : \
                  sbl.spamhaus.org : \
                  bl.spamcop.net : \
                  relays.ordb.org : \
                  korea.services.net : \
                  china.blackholes.us : \
                  russia.blackholes.us


Note the "hosts = !+relay_from_hosts", which will stop checks from known
hosts with static IPs, and the "!authenticated = *" which will skip checks
for hosts that have authenticated.

HOWEVER, you might want to break up the DNSBL list, since for hosts that
are in sbl.spamhaus.org, list.dsbl.org or relays.ordb.org, you really *do*
want to reject the mail even if it's a "known" host (e.g. customer) since
there's a high chance their machine is being used for spamming and you may
be becoming an unwitting relay. Something like this:

 # First deny stuff from insecure hosts & spammers. No exceptions
 deny message = $sender_host_address is listed at $dnslist_domain
     dnslists = list.dsbl.org : \
                sbl.spamhaus.org : \
                relays.ordb.org


 # Now some more "fuzzy" blacklists. Known hosts/users are exempted
 deny message = $sender_host_address is listed at $dnslist_domain
      hosts   = !+relay_from_hosts
      !authenticated = *
      dnslists =  bl.spamcop.net : \
                  korea.services.net : \
                  china.blackholes.us : \
                  russia.blackholes.us