Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to I allow whitelist accept before SBL code in Exim configuration

Discussion in 'General Discussion' started by BeDazzler, Apr 13, 2007.

  1. BeDazzler

    BeDazzler Member

    Joined:
    Feb 20, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Australia
    Hi Everyone,

    We are blocking hosts on SBL's from lodging email messages with our cPanel servers.
    There are some clients who need to receive messages from senders who are on the SBLs - for example particular_person@hotmail.com.

    Even though the sender's email addresses are listed in the whitelists for each domain name, Exim is still blocking the message delivery.

    Q: Is there a way to allow whitelisted senders to get their messages through before the SBL blocking block's their domain from sending ?

    Here's the code in Exim config....

    ---- snip

    #!!# ACL that is used after the RCPT command
    check_recipient:
    # Exim 3 had no checking on -bs messages, so for compatibility
    # we accept if the source is local SMTP (i.e. not over TCP/IP).
    # We do this by testing for an empty sending host field.
    accept hosts = :

    #**# Block List Configuration
    #**# Last updated 10 February 2007
    #
    # Always accept mail to postmaster & abuse
    #
    accept domains = +local_domains
    local_parts = postmaster:abuse
    #
    # Check sending hosts against DNS black lists.
    # Reject message if address listed in blacklist.
    deny message = ${sender_host_address} is listed at ${dnslist_domain}; See ${dnslist_text}
    !hosts = +relay_hosts
    !authenticated = *
    dnslists = zen.spamhaus.org : bl.spamcop.net : list.dsbl.org : cbl.abuseat.org : dnsbl.sorbs.net
    #**#
    #**# Blocked List Configuration - ENDS HERE

    -- snip

    The above code works very well and we are pleased with the results.
    Combined with Message Labs, this really cuts our SPAM to next to nothing.

    Any ideas how we can enable the whitelists here ?

    Regards,


    Darren.
     
    #1 BeDazzler, Apr 13, 2007
  2. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    316
    I believe this is a glitch with the whitelist that exim uses.

    The whitelist will work if helo shows the correct hostname, but will not work if the hostname does not show up correctly. I believe this has to do with an incorrect dns config on the ISP side.

    tail -f -n40 /var/log/exim_rejectlog

    Example Where White List Fails
    2007-04-16 20:09:22 H=(DCEZNFFGBB1) [216.144.210.138] F=<bm@hostmost.com> rejected RCPT <bm@hostmost.com>: Message rejected because (DCEZNFFGBB1) [216.144.210.138] is blacklisted at bl.spamcop.net . GIVE THIS ENTIRE MESSAGE TO YOUR ISP OR WEB HOSTING PROVIDER FOR DEBUGGING. See Blocked - see http://www.spamcop.net/bl.shtml?216.144.210.138 :

    Example Where White List Will Work
    2007-04-16 20:09:22 H=(dialup.someisp.net) [216.144.210.138] F=<bm@hostmost.com> rejected RCPT <bm@hostmost.com>: Message rejected because (dialup.someisp.net) [216.144.210.138] is blacklisted at bl.spamcop.net . GIVE THIS ENTIRE MESSAGE TO YOUR ISP OR WEB HOSTING PROVIDER FOR DEBUGGING. See Blocked - see http://www.spamcop.net/bl.shtml?216.144.210.138 :
     
    #2 bmcpanel, Apr 16, 2007
    Last edited: Apr 16, 2007
  3. nxds

    nxds Well-Known Member

    Joined:
    Jan 6, 2006
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    156
    Here's the blacklist/whitelist stuff I use:

    In first exim editor box:
    PHP:
    hostlist rbl_whitelist = /etc/relayhosts : /etc/exim_rbl_whitelist localhost
    In third exim editor box:
    PHP:
      #if it gets here it isn't mailman

          deny domains = /etc/exim_deny_quotalimit
             message     mail to $domain has been prohibited account size limit reached
      deny domains     = /etc/exim_deny_domains
             message     mail to $domain has been administratively prohibited
      deny recipients     = /etc/exim_deny_recipients
             message     mail to $local_part@$domain has been administratively prohibited
      accept senders     = /etc/exim_accept_senders
      deny   message     $sender_address has been denied access to this server.
                 senders = /etc/exim_deny_senders
      deny   message     rejected because $sender_host_address is in a blacklist at $dnslist_domain see $dnslist_text
                 !hosts = +rbl_whitelist
                 !authenticated = *
                 dnslists bl.spamcop.net zen.spamhaus.org : list.dsbl.org
    /etc/exim_rbl_whitelist is a file containing IP addresses I want to skip RBL checks for.
    /etc/exim_deny_domains is a file containing domains I want to block mail to
    /etc/exim_deny_recipients is a file containing e-mail addresses I want to block mail to
    /etc/exim_accept_senders is a file containing e-mail addresses I want to accept mail from
    /etc/exim_deny_senders is a file containing e-mail addresses I want to block mail from
    /etc/exim_deny_quotalimit is a file listing domains that are at or over their quota. This stops mail for over quota domains getting into the queue. A cronjob runs every five minutes to update the list from the output of repquota.

    All the files must exist (use touch to create them) or exim will complain.
     
    #3 nxds, Apr 17, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - allow whitelist accept
  1. tecwithquestion

    allow user to run script located in /bin

    tecwithquestion, Sep 8, 2017, in forum: General Discussion
    Replies:
    8
    Views:
    121
    cPanelMichael
    Sep 18, 2017 at 12:59 PM
  2. PeteS

    Shell access enabled even though package does not allow it

    PeteS, Aug 24, 2017, in forum: General Discussion
    Replies:
    3
    Views:
    98
    cPanelMichael
    Aug 30, 2017
  3. _jman

    Allow 'who' in jailed shell

    _jman, Aug 11, 2017, in forum: General Discussion
    Replies:
    8
    Views:
    151
    _jman
    Aug 24, 2017
  4. 1oann1s

    Size of response body exceeds the maximum allowed

    1oann1s, Aug 10, 2017, in forum: Security
    Replies:
    20
    Views:
    377
    cPanelMichael
    Aug 14, 2017
  5. ayonilari

    Root WHM access disallowed after User WHM access from Cpanel

    ayonilari, Jul 25, 2017, in forum: General Discussion
    Replies:
    6
    Views:
    130
    ayonilari
    Jul 25, 2017

Share This Page