Re: [exim] Using local_host_blacklist

Top Page
Delete this message
Reply to this message
Author: Amanda Giarla
Date:  
To: Andreas Metzler, exim-users
Subject: Re: [exim] Using local_host_blacklist
First time I read through the piped output I was looking for the file name
"local_host_blacklist"
to see that it was read from AND it is not in the output at all.

So I have done as you suggested and looked at the transactions especially
on the IP address that is in the file "local-host_blacklist".
I could see the IP address being checked by the various sections in the
output for example

>>> looking up host name for 64.142.111.80
>>> IP address lookup yielded c.mail.sonic.net
>>> gethostbyname2 looked up these IP addresses:
>>> name=c.mail.sonic.net address=64.142.111.80
>>> checking addresses for c.mail.sonic.net
>>> 64.142.111.80 OK


and later in output

>>> check dnslists = ${readfile {/etc/exim4/dnsbl.conf}{:}}
>>>                = bl.spamcop.net:zen.spamhaus.org:
>>> DNS list check: bl.spamcop.net
>>> => that means 64.142.111.80 is not listed at bl.spamcop.net
>>> DNS list check: zen.spamhaus.org
>>> new DNS lookup for 80.111.142.64.zen.spamhaus.org
>>> DNS lookup for 80.111.142.64.zen.spamhaus.org failed
>>> => that means 64.142.111.80 is not listed at zen.spamhaus.org
>>> deny: condition test failed in ACL "acl_check_rcpt"


The output does not show any sign that the IP Address 64.142.111.80 was
checked against
the contents of file "local_host_blacklist".

looking in the main config template located at
/etc/exim4/exim4.conf.template
the only thing I see that might be related to local_host_blacklist

acl_check_spammers:
  accept  hosts            = +whitelist


  drop    message        = Your host in blacklist on this server.
            log_message   = Host in blacklist
            hosts              = +spammers


accept

HOWEVER having read Chapter 7 of the Exim Internet Mailer Chapter 7
Am I suppose to add something like the following and place it in the
/etc/exim4/exim4.conf.template file?

  drop    message         = Your host in blacklist on this server.
            log_message   = Host in blacklist
            hosts               = +local_host_blacklist


Sorry if I appear to be confused - this is a difficult puzzle to put
together.

Amanda
















On Sat, Feb 13, 2016 at 5:31 AM, Andreas Metzler <eximusers@???> wrote:

> On 2016-02-12 Amanda Giarla <amandagiarla@???> wrote:
> > On Fri, Feb 12, 2016 at 5:38 AM, Andreas Metzler <eximusers@???>
> wrote:
>
> [...]
> >> This should work and you should be able to find the cause with
> >> swaks --to jane@??? --from sue@??? -pipe "exim -bh
> >> 64.142.111.80"
>
> > Wow Andreas Swaks is great. Running the following
> > swaks --to jane@??? --from sue@??? -pipe "exim -bh
> > 64.142.111.80"
> > was very revealing and adds to my understanding.
>
> > Looking through the 150+ lines of output I see the many checks like
> > "host_reject_connection?" and ""helo_verify_hosts?" and "acl_check_rcpt"
> > etc.
> > BUT I do not see anything that I interpret as a local_host_blacklist
> check.
> > I do see the zen.spamhous.org check and spamcop.net check.
>
> > Is there suppose to be a "local_host_blacklist" check in the output?
> > I'm thinking that some config file is missing something.
>
> Hello,
>
> by reading the exim -pipe's output and the acl configuration in
> parallel you should be able to see why the check does not hit, e.g.
> because the mail is accepted before.
>
> cu Andreas
> --
> `What a good friend you are to him, Dr. Maturin. His other friends are
> so grateful to you.'
> `I sew his ears on from time to time, sure'
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>