Re: [exim] RBL + Blacklisting + Whitelisting

Top Page
Delete this message
Reply to this message
Author: Malcolm Staudinger
Date:  
To: exim-users
Subject: Re: [exim] RBL + Blacklisting + Whitelisting
sysadm wrote:
> Dear exim users
> I'm a newbie with exim, so please ignore my ignorance.
> I'm trying to construct a set-up where I do the RBL reject at the
> incomming SMTP level. In the set up I will also try to do host based
> black/white list reject/accept.
>
> I have created the following, will that do, or have I missed something?
>
>   #for stopping spam at SMTP level start:
>   deny    message   = rejected because $sender_host_address is in a 
> local blacklist of hosts
>           hosts     = ${if exists {/etc/exim/black-list-hosts} \
>                            {/etc/exim/black-list-hosts}{}}

>
>   deny    message   = rejected because $sender_host_address is in a 
> black list at $dnslist_domain\n$dnslist_text
>           dnslists  = 
> relays.ordb.org:sbl.spamhaus.org:xbl.spamhaus.org:sbl-xbl.spamhaus.org:bl.spamcop.net:\

>
> dnsbl.njabl.org:blackholes.mail-abuse.org:dialups.mail-abuse.org:relays.mail-abuse.org:\
>
> dnsbl.sorbs.net:http.dnsbl.sorbs.net:socks.dnsbl.sorbs.net:misc.dnsbl.sorbs.net:\
>
> smtp.dnsbl.sorbs.net:web.dnsbl.sorbs.net:spam.dnsbl.sorbs.net:block.dnsbl.sorbs.net:\
>
> zombie.dnsbl.sorbs.net:dul.dnsbl.sorbs.net:rhsbl.sorbs.net:cbl.abuseat.org:list.dsbl.org:\
>

There are a few problems with the RBL list you're trying to use

1. You're querying the same data multiple times. sbl-xbl.spamhaus.org is
the same as sbl.spamhaus.org + xbl.spamhaus.org. Also, cbl.abuseat.org
is incorporated in the XBL. dnsbl.sorbs.net is an aggregate zone of most
of those that you've listed. See http://www.au.sorbs.net/using.shtml

2. mail-abuse.org is defunct

3. You can't query a righthandside blocklist (ie one that lists domain
names, not IP addresses), in this manner. rhsbl.sorbs.net is useless in
this context