Re: [exim] Spamhaus Blacklist

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: basti
CC: exim users
Subject: Re: [exim] Spamhaus Blacklist
On 2014-05-22 at 11:40 +0200, basti wrote:
> Iuse the spamhaus blacklist for exim (CHECK_RCPT_IP_DNSBLS).
>
> First of all what are the differences between CHECK_RCPT_IP_DNSBLS and
> CHECK_RCPT_DOMAIN_DNSBLS ??


That's Debian; the man-pages are lacking, but the comments in the input
files for Debian's configuration system are illuminating.

$ less /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
----------------------------8< cut here >8------------------------------
  # Check against classic DNS "black" lists (DNSBLs) which list
  # sender IP addresses
  .ifdef CHECK_RCPT_IP_DNSBLS
  warn
    dnslists = CHECK_RCPT_IP_DNSBLS
    add_header = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
  .endif



  # Check against DNSBLs which list sender domains, with an option to locally
  # whitelist certain domains that might be blacklisted.
  #
  # Note: If you define CHECK_RCPT_DOMAIN_DNSBLS, you must append
  # "/$sender_address_domain" after each domain.  For example:
  # CHECK_RCPT_DOMAIN_DNSBLS = rhsbl.foo.org/$sender_address_domain \
  #                            : rhsbl.bar.org/$sender_address_domain
  .ifdef CHECK_RCPT_DOMAIN_DNSBLS
  warn
    !senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\
                    {CONFDIR/local_domain_dnsbl_whitelist}\
                    {}}
    dnslists = CHECK_RCPT_DOMAIN_DNSBLS
    add_header = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
  .endif
----------------------------8< cut here >8------------------------------


So, if you don't follow the instructions (which require knowing both
Exim and Debian's config system to find) then the only difference is
that `CHECK_RCPT_DOMAIN_DNSBLS` is not checked if the sender address is
listed in a pattern from `/etc/exim4/local_domain_dnsbl_whitelist`.

If you follow the hints, which involves _you_ supplying the
`/$sender_address_domain` on each entry, then they serve different
purposes and your log messages will make more sense. :)
--
My employer, Apcera Inc, is hiring sysadmin; primarily San Francisco:
http://www.apcera.com/jobs/#operations-engineer
(but all the mistakes in this email are made in my personal capacity)