[vox-tech] exim / rbl problem resolved
Peter Jay Salzman
vox-tech@lists.lugod.org
Fri, 14 Dec 2001 10:53:59 -0800
first, i'd like to thank ted for the cool info on the difference between ordb
and orbz. i chose ordb; it sounded like you definitely had an opinion on
the issue. that's *exactly* the sort of input i was hoping to get.
second, i'd like to post a cool resource for other debian users:
http://www.exim.org/exim-html-3.20/doc/html/spec_46.html#SEC810
apparently, you can use a bunch of different services. nice! there seems
to be a slight mistake in the 'rbl_reject_recipients' description. you
should tack on a "= true" at the end of the directive. see below.
third, my systems are now configured to not accept mail from open relays.
i've tested it, and it worked. here is what the relevent portion of my
exim.conf looks like:
# Exim contains support for the Realtime Blocking List (RBL) that is being
# maintained as part of the DNS. See http://maps.vix.com/rbl/ for
# background. Uncommenting the following line will make Exim reject mail
# from any host whose IP address is blacklisted in the RBL at maps.vix.com.
# reject messages whose sending host is in ORDB
rbl_domains = relays.ordb.org/reject
# check all hosts other than those on internal network
rbl_hosts = !192.168.0.0/24:0.0.0.0/0
# but allow mail to postmaster@my.dom.ain even from rejected host
recipients_reject_except = postmaster@my.dom.ain
# change some logging actions (collect more data)
rbl_log_headers = true # log headers of accepted ORDBed messages
rbl_log_rcpt_count = true # log recipient info of accepted ORDBed messages
# The action for domains without either of these is controlled by
# rbl_reject_recipients, which implies `/reject' when set.
rbl_reject_recipients = true
rbl_warn_header = false
i've been getting between 1 and 5 spams an hour. it'll be interesting to see
what happens.
pete
--
** Please don't send me html email **
PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
PGP Public Key: finger p@dirac.org