Re: [exim] Blacklists

Top Page
Delete this message
Reply to this message
Author: Jonathan Gilpin
Date:  
To: Todd Lyons
CC: exim-users@exim.org
Subject: Re: [exim] Blacklists
Hi Todd,

Thanks for your response.. it looks right to my eyes aswell, I was
wondering if there was an easy way to debug this kind of thing...
IE: is there a command to authenticate as a specific user and from am
IP address like -bh

Any improvements to the below would be appreciated,

acl_check_rcpt:
   accept  hosts = :
   deny    domains       = +local_domains
           local_parts   = ^[.] : ^.*[@%!/|]
   deny    domains       = !+local_domains
           local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
   accept  local_parts   = postmaster
           domains       = +local_domains


#  accept  authenticated = *
#         add_header    = X-AuthenticatedID: $authenticated_id
#         add_header    = X-OriginalFromAdr: $sender_address


   deny    message       = Reverse DNS lookup failed for host  
$sender_host_address.
           log_message   = Reverse DNS lookup failed
           domains       = !+noreverse
           hosts         = !+relay_from_hosts
           hosts         = !+host_accept_relay
           !authenticated = *
           !verify       = reverse_host_lookup
#  require verify        = sender
   accept  domains       = +local_domains
           endpass
           verify        = recipient
   accept  domains       = +relay_to_domains
           endpass
           verify        = recipient
   deny    message       = $sender_host_address is not allowed to send  
mail from $sender_address_domain
           log_message   = SPF check failed
           hosts         = !+relay_from_hosts
           spf           = fail
  accept  authenticated = *
           add_header    = X-AuthenticatedID: $authenticated_id
           add_header    = X-OriginalFromAdr: $sender_address
#  deny    message       = relay not permitted
   deny    message       = Access denied - $sender_host_address listed  
by $dnslist_domain\n$dnslist_text
           !authenticated = *
           hosts         = !+relay_from_hosts
           dnslists      = dnsbl.sorbs.net
   deny    log_message   = match sbl-xbl.spamhaus.org
           hosts         = !+relay_from_hosts
           !authenticated = *
           dnslists      = sbl-xbl.spamhaus.org
   deny    log_message   = Access denied - $sender_host_address listed  
by $dnslist_domain\n$dnslist_text
           !authenticated = *
           hosts         = !+relay_from_hosts
           dnslists      = bl.spamcop.net
   deny    log_message   = Access denied - $sender_host_address listed  
by $dnslist_domain\n$dnslist_text
           !authenticated = *
           hosts         = !+relay_from_hosts
           dnslists      = bl.spamcop.net
   accept  hosts         = +relay_from_hosts
   accept  hosts = +host_accept_relay


   accept  authenticated = *
           add_header    = X-AuthenticatedID: $authenticated_id
           add_header    = X-OriginalFromAdr: $sender_address
   deny    message       = relay not permitted









Kind Regards,


Jonathan Gilpin
Fluent Ltd
www.fluent.ltd.uk

On 21 Aug 2009, at 01:37, Todd Lyons wrote:

> On Wed, Aug 19, 2009 at 5:59 AM, Jonathan Gilpin<jonathan@???
> > wrote:
>> Hi,
>>
>> I have the following in my configure file to block mail on a certain
>> blacklist. However, I want to allow the IP if the user is
>> authenticated.
>> However, it doesnt seem to be working...
>>
>> Is the syntax incorrect? should it be authenticated = !* ?
>>
>>   deny    message       = Access denied - $sender_host_address listed
>> by $dnslist_domain\n$dnslist_text
>>           !authenticated = *
>>           hosts         = !+relay_from_hosts
>>           dnslists      = dnsbl.sorbs.net

>
> It looks fine. I would say that you need to post the rest of your
> ACL's. With no further information, I would say that you are getting
> blocked somewhere else. Also, I'll state the obvious and make sure
> that you restart exim after you make changes to the exim.conf.
>
> -- 
> Regards...      Todd