Exempt domains from RBL checking?

Greetings sawbuck,

The patch provided by Nick would implement the /etc/skiprbldomains behavior across all RBL configurations deployed through the "RBLs" tab of the Basic Editor under the Exim Configuration page. No changes through the Advanced Editor would be needed with Nick's patch. It'd just be a means of following Nick's post of applying the patch, running the necessary commands he posted to build out a new exim.conf, and editing /etc/skiprbldomains. Keep in mind that cPanel updates will revert the patched perl modules, meaning that if you were to ever need to re-save Exim configurations you should re-apply Nick's patch before each Exim config save to ensure the patched behavior is present.

The steps you've posted could be deployed as an *alternate* solution to Nick's patch. You've basically pulled out the changes Nick made and wrote them in a suitable instruction set for the Advanced Editor.

The only item of note I'd remind folks about with your manual deployment, though, is that you deployment would be best suited for if all of the default RBLs were *disabled* in the Basic Editor, since you are effectively adding in a custom RBL manually. If the default ones were left in, it would result in duplicate RBL configs.

In short, if your steps were used in conjunction with leaving the cPanel deployed RBL configurations on, then the whitelisted domains would appropriately skip your custom RBL acl but trip on the default RBL acl. If your steps were used in conjunction with Nick's patch, efforts would be duplicated and potentially result in a failed exim.conf build at worst and multiple DNS requests to the RBLs at best.

In short, whichever method is chosen, only one of those methods should be deployed. Both accomplish similar end goals and are completely acceptable.

At the very least I'd recommend opening a feature request at cPanel Feature Requests for this so we can see the demand for this functionality being added to the product.

 

If you'd like to open a ticket on this I can take a further look as time permits. Nick's patch on its own should automatically cover all of the RBLs as enabled through the Basic Editor interface (after the conf is rebuilt). Your patch would be required if the individual manually deployed an RBL acl through the Advanced Editor, which would be by updating their manually deployed RBL acl to include the "domains = ! +skip_rbl_domains" exemption (in addition to defining skip_rbl_domains).

It's kind of an either/or situation. If the RBLs used are the ones under the RBLs tab in the Basic Editor, Nick's patch should be able to solve the issue in of itself. If the RBLs used were custom written in the Advanced Editor, your patch would be applicable.

I just want to make sure everything is sorted so you aren't doubling up on DNS requests and otherwise just have the ACLs and directives set forth that are required. I know a lot of individuals use our forums posts for reference as well, so ensuring the instruction set we have here is the correct one is certainly something I want to make sure we iron out. If you do open a ticket, please post the Ticket ID here.

 

This option (skiprbldomains) work fine to indicate local domains (local accounts) who do not use the rbl, but would be great another option for whitelist remote domains against the rbls.

Maybe something like:

This configuration works well for me, but I have edit exim.conf manually every time I change the exim config from whm.

 

I would like to see a remote domain option as well. Local domains is a hammer, but remote domains is much more precise. I have a few clients who have clients who are constantly on RBLs. I would like to allow those domains (or anyone spoofing those domains) to pass the RBL rather than having my client get all of the spam that would be blocked by the RBL.

 

Submited!
thanks Michael.

 

@sawbuck ,Thank you!, I had forgotten that detail.

The Link:

Feature Request: Exempt Remote domains from RBL checking