Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Exim RBL check / lsearch oddity

Discussion in 'General Discussion' started by nxds, May 31, 2006.

  1. nxds

    nxds Well-Known Member

    Joined:
    Jan 6, 2006
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    156
    I have been using this stanza in exim.conf for checking against RBLs but to exclude authenticated users:

    Code:
      deny   message = rejected because $sender_host_address is in a blacklist at $dnslist_domain see $dnslist_text
         !hosts = +relay_hosts
         !authenticated = *
         dnslists = bl.spamcop.net : sbl-xbl.spamhaus.org : relays.ordb.org : list.dsbl.org
    I discovered today that IP addresses appearing in /etc/relayhosts were still being checked in the dnslists even though the line !hosts = +relay_hosts suggests they shouldn't. (relay_hosts is defined as: hostlist relay_hosts = lsearch:/etc/relayhosts : localhost)

    On investigation with exim -bh <blacklisted.IP.in.relayhosts>, I found that a hostname check, not an IP check was being done against /etc/relayhosts. After a bit of trial and error, I discovered that the lsearch was causing this to happen because using:
    Code:
    hostlist rbl_whitelist = /etc/relayhosts : localhost
    would work as expected.

    Any comments as to why lsearch would cause such dramatically different behaviour?

    Here are some snippets from exim -bh showing the debug output. 1st using lsearch:
    Code:
    >>> processing "deny"
>>> check !hosts = +relay_hosts
>>> sender host name required, to match against lsearch;/etc/relayhosts
>>> looking up host name for 212.60.x.x
>>> IP address lookup using gethostbyaddr()
>>> IP address lookup failed: h_errno=1
LOG: no host name found for IP address 212.60.x.x
>>> host in "lsearch;/etc/relayhosts : localhost"? no (failed to find host name for 212.60.65.174)
>>> host in "+relay_hosts"? no (end of list)
>>> check !authenticated = *
>>> check dnslists = bl.spamcop.net : sbl-xbl.spamhaus.org : relays.ordb.org : list.dsbl.org
    Now without lsearch:
    Code:
    >>> processing "deny"
>>> check !hosts = +rbl_whitelist
>>> gethostbyname looked up these IP addresses:
>>>   name=localhost address=127.0.0.1
>>> host in "/etc/relayhosts : localhost"? yes (matched "212.60.x.x")
>>> host in "+rbl_whitelist"? yes (matched "+rbl_whitelist")
>>> deny: condition test failed
     
    #1 nxds, May 31, 2006
    Last edited: May 31, 2006
(You must log in or sign up to post here.)
Loading...
Similar Threads - Exim check lsearch
  1. bubaweb

    Exim custom filter not working

    bubaweb, Oct 10, 2017, in forum: E-mail Discussions
    Replies:
    8
    Views:
    126
    did-vmonroig
    Oct 20, 2017 at 2:48 AM
  2. James Tan

    exim outgoing and incoming limit

    James Tan, Oct 4, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    78
    cPanelMichael
    Oct 5, 2017
  3. _jman

    Exim filter to rewrite 'From' address on certain incoming mail

    _jman, Sep 28, 2017, in forum: E-mail Discussions
    Replies:
    7
    Views:
    181
    _jman
    Oct 18, 2017 at 11:11 AM
  4. jmginer

    Munin Exim mail throughput stopped showing graphs since last update

    jmginer, Sep 22, 2017, in forum: General Discussion
    Replies:
    2
    Views:
    103
    cPanelMichael
    Sep 22, 2017
  5. Evgheny

    exim listening not only localhost

    Evgheny, Sep 15, 2017, in forum: E-mail Discussions
    Replies:
    2
    Views:
    96
    cPanelMichael
    Sep 18, 2017

Share This Page