Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Exim RBL check / lsearch oddity

Discussion in 'General Discussion' started by nxds, May 31, 2006.

  1. nxds

    nxds Well-Known Member

    Joined:
    Jan 6, 2006
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    156
    I have been using this stanza in exim.conf for checking against RBLs but to exclude authenticated users:

    Code:
      deny   message = rejected because $sender_host_address is in a blacklist at $dnslist_domain see $dnslist_text
         !hosts = +relay_hosts
         !authenticated = *
         dnslists = bl.spamcop.net : sbl-xbl.spamhaus.org : relays.ordb.org : list.dsbl.org
    I discovered today that IP addresses appearing in /etc/relayhosts were still being checked in the dnslists even though the line !hosts = +relay_hosts suggests they shouldn't. (relay_hosts is defined as: hostlist relay_hosts = lsearch:/etc/relayhosts : localhost)

    On investigation with exim -bh <blacklisted.IP.in.relayhosts>, I found that a hostname check, not an IP check was being done against /etc/relayhosts. After a bit of trial and error, I discovered that the lsearch was causing this to happen because using:
    Code:
    hostlist rbl_whitelist = /etc/relayhosts : localhost
    would work as expected.

    Any comments as to why lsearch would cause such dramatically different behaviour?

    Here are some snippets from exim -bh showing the debug output. 1st using lsearch:
    Code:
    >>> processing "deny"
>>> check !hosts = +relay_hosts
>>> sender host name required, to match against lsearch;/etc/relayhosts
>>> looking up host name for 212.60.x.x
>>> IP address lookup using gethostbyaddr()
>>> IP address lookup failed: h_errno=1
LOG: no host name found for IP address 212.60.x.x
>>> host in "lsearch;/etc/relayhosts : localhost"? no (failed to find host name for 212.60.65.174)
>>> host in "+relay_hosts"? no (end of list)
>>> check !authenticated = *
>>> check dnslists = bl.spamcop.net : sbl-xbl.spamhaus.org : relays.ordb.org : list.dsbl.org
    Now without lsearch:
    Code:
    >>> processing "deny"
>>> check !hosts = +rbl_whitelist
>>> gethostbyname looked up these IP addresses:
>>>   name=localhost address=127.0.0.1
>>> host in "/etc/relayhosts : localhost"? yes (matched "212.60.x.x")
>>> host in "+rbl_whitelist"? yes (matched "+rbl_whitelist")
>>> deny: condition test failed
     
    #1 nxds, May 31, 2006
    Last edited: May 31, 2006
(You must log in or sign up to post here.)
Loading...
Similar Threads - Exim check lsearch
  1. Kamil Brand Nova

    In Progress [CPANEL-22678] eximstats_spam_check errors

    Kamil Brand Nova, Nov 28, 2018, in forum: Security
    Replies:
    1
    Views:
    235
    cPanelMichael
    Nov 28, 2018
  2. goodmove

    Question about eximstats_spam_check

    goodmove, Aug 27, 2018, in forum: E-mail Discussion
    Replies:
    1
    Views:
    144
    cPanelLauren
    Aug 27, 2018
  3. ruiz

    Change eximstats_spam_check in crontab

    ruiz, Jul 29, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    144
    cPanelMichael
    Aug 2, 2018
  4. mehdix92

    Disable Exim Reverse DNS check

    mehdix92, Jun 14, 2018, in forum: E-mail Discussion
    Replies:
    1
    Views:
    289
    cPanelMichael
    Jun 14, 2018
  5. smartrange

    warn [eximstats_spam_check]

    smartrange, May 24, 2018, in forum: E-mail Discussion
    Replies:
    6
    Views:
    319
    cPanelLauren
    Jun 5, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice