Re: [exim] my IP blacklisted at CBL issues with HELO'ing

Top Page
Delete this message
Reply to this message
Author: Graeme Fowler
Date:  
To: exim-users
Subject: Re: [exim] my IP blacklisted at CBL issues with HELO'ing
On 19/01/2007 12:48, Markus Hardiyanto wrote:
> no, it's not a gateway. it's a web host server.


The IP you provided was delisted on Wednesday morning, then relisted
yesterday afternoon.

Sounds like time to analyse your Exim logs, doesn't it?

eximstats < /var/log/exim/main.log (or whatever the path to your main
logfile is) will give you a good bit of detail; you should be able to
determine from there which local user is producing the mail.

As it's a hosting server, I'd guess that you either allow
unauthenticated relaying of MAIL FROM: some_valid_address@hosted_domain,
or authenticated relaying of anything. If the former, stop it as it's
easily abused. If the latter, you should be able to work out which
domain or user is doing the authentication before relaying.

If it's user forwarding, that should also be fairly obvious.

Have a go at it. You'll probably work it out straight away.

Graeme