Re: [exim] Spamhaus Blacklist

Page principale
Ce message fait partie du fil suivant :
M++\Arborescence complète du fil triée par date
MMMMMike Cardwell à <-
.M 
Supprimer ce message
Répondre à ce message
Auteur: Phil Pennock
Date:  
À: basti
CC: exim users
Sujet: Re: [exim] Spamhaus Blacklist
On 2014-05-22 at 11:40 +0200, basti wrote:
> Iuse the spamhaus blacklist for exim (CHECK_RCPT_IP_DNSBLS).
>
> First of all what are the differences between CHECK_RCPT_IP_DNSBLS and
> CHECK_RCPT_DOMAIN_DNSBLS ??

That's Debian; the man-pages are lacking, but the comments in the input
files for Debian's configuration system are illuminating. 

$ less /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
----------------------------8< cut here >8------------------------------
  # Check against classic DNS "black" lists (DNSBLs) which list
  # sender IP addresses
  .ifdef CHECK_RCPT_IP_DNSBLS
  warn
    dnslists = CHECK_RCPT_IP_DNSBLS
    add_header = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
  .endif



  # Check against DNSBLs which list sender domains, with an option to locally
  # whitelist certain domains that might be blacklisted.
  #
  # Note: If you define CHECK_RCPT_DOMAIN_DNSBLS, you must append
  # "/$sender_address_domain" after each domain.  For example:
  # CHECK_RCPT_DOMAIN_DNSBLS = rhsbl.foo.org/$sender_address_domain \
  #                            : rhsbl.bar.org/$sender_address_domain
  .ifdef CHECK_RCPT_DOMAIN_DNSBLS
  warn
    !senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\
                    {CONFDIR/local_domain_dnsbl_whitelist}\
                    {}}
    dnslists = CHECK_RCPT_DOMAIN_DNSBLS
    add_header = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
  .endif
----------------------------8< cut here >8------------------------------


So, if you don't follow the instructions (which require knowing both
Exim and Debian's config system to find) then the only difference is
that `CHECK_RCPT_DOMAIN_DNSBLS` is not checked if the sender address is
listed in a pattern from `/etc/exim4/local_domain_dnsbl_whitelist`.

If you follow the hints, which involves _you_ supplying the
`/$sender_address_domain` on each entry, then they serve different
purposes and your log messages will make more sense. :)
--
My employer, Apcera Inc, is hiring sysadmin; primarily San Francisco:
http://www.apcera.com/jobs/#operations-engineer
(but all the mistakes in this email are made in my personal capacity)

Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] Spamhaus Blacklist[exim] Adding localhost exception to TLS->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)