Re: [Exim] RBL help and blocked host

Top Page
Delete this message
Reply to this message
Author: Hiep Nguyen
Date:  
To: Odhiambo G. Washington
CC: exim-users, exim-users-admin
Subject: Re: [Exim] RBL help and blocked host



Whats this supposed to mean. this Ip address is supposed to be denied
according to list.dsbl.org. any suggestions would be helpful


[gooble@sp1 bin]# ./exim -d -bh 218.153.140.156
Exim version 4.14 uid=0 gid=0 pid=13709 D=fbb95cfd
Berkeley DB: Sleepycat Software: Berkeley DB 4.0.14: (November 18, 2001)
Support for:
Authenticators:
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile autoreply pipe smtp
changed uid/gid: forcing real = effective
uid=0 gid=0 pid=13709
auxiliary group list: <none>
configuration file is /usr/exim/configure
log selector = 020d99d8
trusted user
admin user
changed uid/gid: privilege not needed
uid=501 gid=501 pid=13709
auxiliary group list: <none>
originator: uid=0 gid=0 login=root name=root
sender address = root@???
sender_fullhost = [218.153.140.156]
sender_rcvhost = [218.153.140.156]

**** SMTP testing session as if from host 218.153.140.156
**** but without any ident (RFC 1413) callback.
**** This is not for real!

host in host_lookup? yes (matched "*")
looking up host name for 218.153.140.156
IP address lookup failed: h_errno=1
LOG: host_lookup_failed MAIN
no host name found for IP address 218.153.140.156
sender_fullhost = [218.153.140.156]
sender_rcvhost = [218.153.140.156]
set_process_info: 13709 handling incoming connection from [218.153.140.156]
host in host_reject_connection? no (option unset)
host in sender_unqualified_hosts? no (option unset)
host in recipient_unqualified_hosts? no (option unset)
host in helo_verify_hosts? no (option unset)
host in helo_try_verify_hosts? no (option unset)
host in helo_accept_junk_hosts? no (option unset)
LOG: smtp_connection MAIN
SMTP connection from [218.153.140.156]
SMTP>> 220 sp1.varsityspirit.com ESMTP Exim 4.14 Wed, 25 Feb 2004 09:26:23

-0600
220 sp1.varsityspirit.com ESMTP Exim 4.14 Wed, 25 Feb 2004 09:26:23 -0600
smtp_setup_msg entered

SMTP<<
LOG: smtp_syntax_error MAIN
SMTP syntax error in "" H=[218.153.140.156] unrecognized command
SMTP>> 500 unrecognized command

500 unrecognized command

SMTP<<
LOG: smtp_syntax_error MAIN
SMTP syntax error in "" H=[218.153.140.156] unrecognized command
SMTP>> 500 unrecognized command

500 unrecognized command

SMTP<<
LOG: smtp_syntax_error MAIN
SMTP syntax error in "" H=[218.153.140.156] unrecognized command
SMTP>> 500 unrecognized command

500 unrecognized command

SMTP<<
LOG: smtp_syntax_error MAIN
SMTP syntax error in "" H=[218.153.140.156] unrecognized command
SMTP>> 500 Too many unrecognized commands

500 Too many unrecognized commands
LOG: MAIN REJECT
SMTP call from [218.153.140.156] dropped: too many unrecognized commands
(last was "")
search_tidyup called




             "Odhiambo G.
             Washington"
             <wash@???                                          To
             m>                        exim-users@???
             Sent by:                                                   cc
             exim-users-admin@
             exim.org                                              Subject
                                       Re: [Exim] RBL help and blocked
                                       host
             02/25/2004 01:20
             AM









* Hiep Nguyen <HNguyen@???> [20040224 20:47]: wrote:
>
>
> I am running on exim 4.14.
>
> ok...heres my issue, any help is appreciated.
>
> I attempting to block some countries from send email to me. in the
> blocked_ip file I have 218.0.0.0 and some mail is coming to me from them.
> Is the syntax look correct for hostlist blocked_ip.
>
> i have the blocked_host file set like this
>
> 218.0.0.0/8
> 217.100.2.0/24
>
> =====
> Also I am attempting to deny known spam servers. I created the dnslists
> at the bottom. But when i check some spam that i recieved they should be
> denied. Can anyone see why spam is still coming to me if i am requesting
> the list from the RBLs.
>
> Is there a port i have to open on my firewall fro the queriesto go to the
> RBL sites??
>
> THANKS!!
>
>
> hostlist relay_from_hosts = 127.0.0.1
> hostlist blocked_ip = /usr/exim/filter/blocked_ip
> hostlist blocked_hosts = /usr/exim/filter/blocked_host
> hostlist rbl_hosts = ! 172.17.0.0/16 : 172.20.0.0/16
>
>
> ========================================================
>
> ######################################################################
> #                       ACL CONFIGURATION                            #
> #         Specifies access control lists for incoming SMTP mail      #
> ######################################################################

>
> begin acl
>
>
> # acl_check_rcpt:
> acl_check_rcpt:
>
>
> deny    local_parts   = ^.*[@!/|] : ^\\.
> #deny    local_parts   = ^.*[@%!/|] : ^\\.
> accept  local_parts   = /usr/exim/local
> #         domains       = +local_domains
>          domains       = +relay_to_domains

>
>
> deny hosts = +rbl_hosts
> #    message       = rejected because $sender_host_address is in a black
> list at $dnslist_domain\n$dnslist_text
> #     dnslists      = sbl.spamhaus.org=127.0.0.2 : \
> #                               relays.ordb.org : \
> #                               lists.dsbl.org : \
> #                               orbs.dorkslayers.com : \
> #                               dnsbl.njabl.org=127.0.0.4

>
> deny dnslists = blackholes.mail-abuse.org : list.dsbl.org :

bl.spamcop.net
> deny dnslists = sbl.spamhaus.org=127.0.0.2
> deny dnslists = relays.ordb.org
>
>
> warn    hosts = +rbl_hosts
>  message       = X-Warning: $sender_host_address is in a black list at
> $dnslist_domain
>          log_message   = found in $dnslist_domain
>          dnslists      = blackholes.wirehub.net=127.0.0.2

>
>   accept  domains       = +relay_to_domains
>   accept  hosts         = +relay_from_hosts
>   deny    message       = relay not permitted

>
>
> acl_check_data:
> accept
>



Could it happen, stranegly, that that is the whole config file? If not,
then try using "exim -d -bh" tests...



        cheers
       - wash
+----------------------------------+-----------------------------------------+


Odhiambo Washington                     . WANANCHI ONLINE LTD (Nairobi, KE)
|
<wash at wananchi dot com>              . 1ere Etage, Loita Hse, Loita St.,
|
GSM: (+254) 722 743 223                 . # 10286, 00100 NAIROBI
|
GSM: (+254) 733 744 121                 . (+254) 020 313 985 - 9
|
+---------------------------------+------------------------------------------+


"Oh My God! They killed init! You Bastards!"

--from a /. post

--

## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at http://www.exim.org/ ##