Re: [exim] ORDB blackilisting

Author: Jakob Hirsch
Date:  
To: Clive McDowell
CC: exim-users
Subject: Re: [exim] ORDB blackilisting
Clive McDowell wrote:

> one of our mailhubs running exim 4.51 has found its way onto the ordb
> blacklist for open relaying. The headers of the relayed
> Received: from ourhub [xxx.xxx.xxx.xxx]
>     by groundzero.ordb.org (Postfix) with ESMTP id E4A5B2AAFA
>     for <marvin@???>; Wed, 23 Nov 2005 17:31:33 +0000 (GMT)
> Received: from [217.157.38.18] (helo=ordb.org)
>     by ourhub with esmtp (Exim 4.51)
>     id 1EeySy-0000yd-MP
>     for marvin@???; Wed, 23 Nov 2005 17:31:33 +0000


No wonder... it obviously relayed a test from ordb.


> Are there any circumstances under which such messages should be allowed
> through or can I simply refuse messages with blank from
> headers? If the latter is there a routine way of doing this with exim.


You can ("deny condition = ${if eq{$h_From:}{}}" in your data acl), but
that is only working on symptoms! Instead, you should try to find out
_why_ ourhub (the obfuscation is not nice, btw) relayed the message. Maybe
your controlling relaying acl misbehaves on hosts without a PTR record.
"exim -d+all -bh 217.157.38.18" is a good start.
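
The layout the reply points at, as an added example that is not part of the original message: a minimal relay-control RCPT ACL modeled on Exim's stock configuration, with the symptom-only `From:` check from the reply placed in the DATA ACL. The domain and network values (`example.org`, `192.0.2.0/24`) are placeholders, not values from this thread.

```conf
# --- main section (placeholder values, adjust to your site) ---
domainlist local_domains    = @ : example.org
domainlist relay_to_domains =
# Only your own networks belong here. Any entry that also matches
# outside hosts turns the server into an open relay.
hostlist   relay_from_hosts = 127.0.0.1 : 192.0.2.0/24

acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data

begin acl

acl_check_rcpt:
  # Local submissions that do not arrive over TCP/IP (empty host field).
  accept  hosts         = :

  # Mail addressed to domains we host: accept if the recipient verifies.
  accept  domains       = +local_domains
          endpass
          verify        = recipient

  # Mail for domains we explicitly relay to (e.g. as a backup MX).
  accept  domains       = +relay_to_domains
          endpass
          verify        = recipient

  # Any destination, but only from our own hosts or authenticated clients.
  accept  hosts         = +relay_from_hosts
  accept  authenticated = *

  # Everything else is a relay attempt. An ORDB-style probe from an
  # outside address to an outside recipient must end up here.
  deny    message       = relay not permitted

acl_check_data:
  # The check quoted in the reply. It rejects messages whose From:
  # header is empty or missing, which hides the symptom but does not
  # fix a RCPT ACL that accepts the relay in the first place.
  deny    message       = empty From: header
          condition     = ${if eq{$h_From:}{}}

  accept
```

In the fake SMTP session started by `exim -bh 217.157.38.18`, a `RCPT TO` for a non-local domain should be refused by the final `deny`; if it is accepted, the debug output shows which `accept` statement matched.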