Lähettäjä: Andreas Metzler Päiväys: Vastaanottaja: exim-users Aihe: Re: [exim] Using local_host_blacklist
[redirecting with full-quote to ML - please do not take discussions
off-list without good reason]
On 2016-02-11 Amanda Giarla <amandagiarla@???> wrote: > Sorry for the lack of clarity. > I'm working on a training server with the general goal of managing email.
> The specific task at this moment is understanding email blacklisting.
> The server is set up withUbuntu, VestaCP, exim4, dovecot, clamAV,
> spamassassin etc.
> The exim4 log file is located at* /var/log/exim4/mainlog*
> I can > *tail -f /var/log/exim4/mainlog* > and watch exim make log entries on inbound emails
> For example the following test message was sent from my iphone via sonic.net
> and the following appeared in the log file > 2016-02-10 18:56:51 1aTect-0003kd-Gx <= sue@??? H=c.mail.sonic.net
> [64.142.111.80] P=esmtps X=TLS1.2:DHE_RSA_AES_128_CBC_SHA256:128 S=1781 id=
> D6AE67A2-E391-4A37-8EEF-E47D0BC54EDF@???
> 2016-02-10 18:56:51 1aTect-0003kd-Gx => jane <jane@???>
> R=localuser T=local_delivery
> 2016-02-10 18:56:51 1aTect-0003kd-Gx Completed > Notice that the log entry of the email includes the *From: IP Address of
> [64.142.111.80]* > So I created the following file > */etc/exim4/local_host_blacklist* > and placed the the IP address 64.142.111.80 in the file.
> Note: That IP address is the only thing in the file. > did a > *service exim4 restart* > Resent a message from my iPhone and the following was logged in*
> /var/log/exim4/mainlog*
> Nothing was entered in* /var/log/exim4/rejectlog* > 2016-02-11 12:46:05 1aTvJd-0003Wp-DM <= sue@??? H=c.mail.sonic.net
> [64.142.111.80] P=esmtps X=TLS1.2:DHE_RSA_AES_128_CBC_SHA256:128 S=1781 id=
> 065F2950-1086-4AF3-A5E7-0DF6C84CBCD2@???
> 2016-02-11 12:46:05 1aTvJd-0003Wp-DM => jane <jane@???>
> R=localuser T=local_delivery
> 2016-02-11 12:46:05 1aTvJd-0003Wp-DM Completed > If the black list mechanism is working then I expected to see a difference
> in log entries.
> But I did not.
> So clearly EITHER the exim4 blacklist mechanism is broken* (not likely)* OR
> I have miss interpreted the documentation and messed something up (Which of
> course is the most likely thing that has happened). [...]
This should work and you should be able to find the cause with
swaks --to jane@??? --from sue@??? -pipe "exim -bh 64.142.111.80"
cu Andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'