The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to I allow whitelist accept before SBL code in Exim configuration

Discussion in 'General Discussion' started by BeDazzler, Apr 13, 2007.

  1. BeDazzler

    BeDazzler Member

    Joined:
    Feb 20, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Australia
    Hi Everyone,

    We are blocking hosts on SBL's from lodging email messages with our cPanel servers.
    There are some clients who need to receive messages from senders who are on the SBLs - for example particular_person@hotmail.com.

    Even though the sender's email addresses are listed in the whitelists for each domain name, Exim is still blocking the message delivery.

    Q: Is there a way to allow whitelisted senders to get their messages through before the SBL blocking block's their domain from sending ?

    Here's the code in Exim config....

    ---- snip

    #!!# ACL that is used after the RCPT command
    check_recipient:
    # Exim 3 had no checking on -bs messages, so for compatibility
    # we accept if the source is local SMTP (i.e. not over TCP/IP).
    # We do this by testing for an empty sending host field.
    accept hosts = :

    #**# Block List Configuration
    #**# Last updated 10 February 2007
    #
    # Always accept mail to postmaster & abuse
    #
    accept domains = +local_domains
    local_parts = postmaster:abuse
    #
    # Check sending hosts against DNS black lists.
    # Reject message if address listed in blacklist.
    deny message = ${sender_host_address} is listed at ${dnslist_domain}; See ${dnslist_text}
    !hosts = +relay_hosts
    !authenticated = *
    dnslists = zen.spamhaus.org : bl.spamcop.net : list.dsbl.org : cbl.abuseat.org : dnsbl.sorbs.net
    #**#
    #**# Blocked List Configuration - ENDS HERE

    -- snip

    The above code works very well and we are pleased with the results.
    Combined with Message Labs, this really cuts our SPAM to next to nothing.

    Any ideas how we can enable the whitelists here ?

    Regards,


    Darren.
     
    #1 BeDazzler, Apr 13, 2007
  2. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    316
    I believe this is a glitch with the whitelist that exim uses.

    The whitelist will work if helo shows the correct hostname, but will not work if the hostname does not show up correctly. I believe this has to do with an incorrect dns config on the ISP side.

    tail -f -n40 /var/log/exim_rejectlog

    Example Where White List Fails
    2007-04-16 20:09:22 H=(DCEZNFFGBB1) [216.144.210.138] F=<bm@hostmost.com> rejected RCPT <bm@hostmost.com>: Message rejected because (DCEZNFFGBB1) [216.144.210.138] is blacklisted at bl.spamcop.net . GIVE THIS ENTIRE MESSAGE TO YOUR ISP OR WEB HOSTING PROVIDER FOR DEBUGGING. See Blocked - see http://www.spamcop.net/bl.shtml?216.144.210.138 :

    Example Where White List Will Work
    2007-04-16 20:09:22 H=(dialup.someisp.net) [216.144.210.138] F=<bm@hostmost.com> rejected RCPT <bm@hostmost.com>: Message rejected because (dialup.someisp.net) [216.144.210.138] is blacklisted at bl.spamcop.net . GIVE THIS ENTIRE MESSAGE TO YOUR ISP OR WEB HOSTING PROVIDER FOR DEBUGGING. See Blocked - see http://www.spamcop.net/bl.shtml?216.144.210.138 :
     
    #2 bmcpanel, Apr 16, 2007
    Last edited: Apr 16, 2007
  3. nxds

    nxds Well-Known Member

    Joined:
    Jan 6, 2006
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    156
    Here's the blacklist/whitelist stuff I use:

    In first exim editor box:
    PHP:
    hostlist rbl_whitelist = /etc/relayhosts : /etc/exim_rbl_whitelist localhost
    In third exim editor box:
    PHP:
      #if it gets here it isn't mailman

          deny domains = /etc/exim_deny_quotalimit
             message     mail to $domain has been prohibited account size limit reached
      deny domains     = /etc/exim_deny_domains
             message     mail to $domain has been administratively prohibited
      deny recipients     = /etc/exim_deny_recipients
             message     mail to $local_part@$domain has been administratively prohibited
      accept senders     = /etc/exim_accept_senders
      deny   message     $sender_address has been denied access to this server.
                 senders = /etc/exim_deny_senders
      deny   message     rejected because $sender_host_address is in a blacklist at $dnslist_domain see $dnslist_text
                 !hosts = +rbl_whitelist
                 !authenticated = *
                 dnslists bl.spamcop.net zen.spamhaus.org : list.dsbl.org
    /etc/exim_rbl_whitelist is a file containing IP addresses I want to skip RBL checks for.
    /etc/exim_deny_domains is a file containing domains I want to block mail to
    /etc/exim_deny_recipients is a file containing e-mail addresses I want to block mail to
    /etc/exim_accept_senders is a file containing e-mail addresses I want to accept mail from
    /etc/exim_deny_senders is a file containing e-mail addresses I want to block mail from
    /etc/exim_deny_quotalimit is a file listing domains that are at or over their quota. This stops mail for over quota domains getting into the queue. A cronjob runs every five minutes to update the list from the output of repquota.

    All the files must exist (use touch to create them) or exim will complain.
     
    #3 nxds, Apr 17, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - allow whitelist accept
  1. tutt

    Allow non-privileged users to whitelist IPs (cPHulkd+CSF)

    tutt, Sep 3, 2015, in forum: Security
    Replies:
    2
    Views:
    609
    quizknows
    Sep 5, 2015
  2. ayonilari

    Root WHM access disallowed after User WHM access from Cpanel

    ayonilari, Jul 25, 2017 at 4:46 AM, in forum: General Discussion
    Replies:
    6
    Views:
    48
    ayonilari
    Jul 25, 2017 at 10:25 AM
  3. codplay

    Redirect to subfolder. Disallow direct subfolder access

    codplay, Jul 24, 2017 at 9:34 PM, in forum: Bind / DNS / Nameserver Issues
    Replies:
    1
    Views:
    24
    cPanelMichael
    Jul 25, 2017 at 11:13 AM
  4. Dhoom

    How do I enable AllowOverride All in WHM

    Dhoom, Jun 24, 2017, in forum: General Discussion
    Replies:
    1
    Views:
    143
    cPanelMichael
    Jun 26, 2017
  5. mahou66

    cPanel Not Allowing Wordpress Updates

    mahou66, Jun 13, 2017, in forum: General Discussion
    Replies:
    1
    Views:
    117
    cPanelMichael
    Jun 13, 2017

Share This Page