Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How to I allow whitelist accept before SBL code in Exim configuration

Discussion in 'General Discussion' started by BeDazzler, Apr 13, 2007.

  1. BeDazzler

    BeDazzler Member

    Joined:
    Feb 20, 2006
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    Australia
    Hi Everyone,

    We are blocking hosts on SBL's from lodging email messages with our cPanel servers.
    There are some clients who need to receive messages from senders who are on the SBLs - for example particular_person@hotmail.com.

    Even though the sender's email addresses are listed in the whitelists for each domain name, Exim is still blocking the message delivery.

    Q: Is there a way to allow whitelisted senders to get their messages through before the SBL blocking block's their domain from sending ?

    Here's the code in Exim config....

    ---- snip

    #!!# ACL that is used after the RCPT command
    check_recipient:
    # Exim 3 had no checking on -bs messages, so for compatibility
    # we accept if the source is local SMTP (i.e. not over TCP/IP).
    # We do this by testing for an empty sending host field.
    accept hosts = :

    #**# Block List Configuration
    #**# Last updated 10 February 2007
    #
    # Always accept mail to postmaster & abuse
    #
    accept domains = +local_domains
    local_parts = postmaster:abuse
    #
    # Check sending hosts against DNS black lists.
    # Reject message if address listed in blacklist.
    deny message = ${sender_host_address} is listed at ${dnslist_domain}; See ${dnslist_text}
    !hosts = +relay_hosts
    !authenticated = *
    dnslists = zen.spamhaus.org : bl.spamcop.net : list.dsbl.org : cbl.abuseat.org : dnsbl.sorbs.net
    #**#
    #**# Blocked List Configuration - ENDS HERE

    -- snip

    The above code works very well and we are pleased with the results.
    Combined with Message Labs, this really cuts our SPAM to next to nothing.

    Any ideas how we can enable the whitelists here ?

    Regards,


    Darren.
     
    #1 BeDazzler, Apr 13, 2007
  2. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    316
    I believe this is a glitch with the whitelist that exim uses.

    The whitelist will work if helo shows the correct hostname, but will not work if the hostname does not show up correctly. I believe this has to do with an incorrect dns config on the ISP side.

    tail -f -n40 /var/log/exim_rejectlog

    Example Where White List Fails
    2007-04-16 20:09:22 H=(DCEZNFFGBB1) [216.144.210.138] F=<bm@hostmost.com> rejected RCPT <bm@hostmost.com>: Message rejected because (DCEZNFFGBB1) [216.144.210.138] is blacklisted at bl.spamcop.net . GIVE THIS ENTIRE MESSAGE TO YOUR ISP OR WEB HOSTING PROVIDER FOR DEBUGGING. See Blocked - see http://www.spamcop.net/bl.shtml?216.144.210.138 :

    Example Where White List Will Work
    2007-04-16 20:09:22 H=(dialup.someisp.net) [216.144.210.138] F=<bm@hostmost.com> rejected RCPT <bm@hostmost.com>: Message rejected because (dialup.someisp.net) [216.144.210.138] is blacklisted at bl.spamcop.net . GIVE THIS ENTIRE MESSAGE TO YOUR ISP OR WEB HOSTING PROVIDER FOR DEBUGGING. See Blocked - see http://www.spamcop.net/bl.shtml?216.144.210.138 :
     
    #2 bmcpanel, Apr 16, 2007
    Last edited: Apr 16, 2007
  3. nxds

    nxds Well-Known Member

    Joined:
    Jan 6, 2006
    Messages:
    53
    Likes Received:
    0
    Trophy Points:
    156
    Here's the blacklist/whitelist stuff I use:

    In first exim editor box:
    PHP:
    hostlist rbl_whitelist = /etc/relayhosts : /etc/exim_rbl_whitelist localhost
    In third exim editor box:
    PHP:
      #if it gets here it isn't mailman

          deny domains = /etc/exim_deny_quotalimit
             message     mail to $domain has been prohibited account size limit reached
      deny domains     = /etc/exim_deny_domains
             message     mail to $domain has been administratively prohibited
      deny recipients     = /etc/exim_deny_recipients
             message     mail to $local_part@$domain has been administratively prohibited
      accept senders     = /etc/exim_accept_senders
      deny   message     $sender_address has been denied access to this server.
                 senders = /etc/exim_deny_senders
      deny   message     rejected because $sender_host_address is in a blacklist at $dnslist_domain see $dnslist_text
                 !hosts = +rbl_whitelist
                 !authenticated = *
                 dnslists bl.spamcop.net zen.spamhaus.org : list.dsbl.org
    /etc/exim_rbl_whitelist is a file containing IP addresses I want to skip RBL checks for.
    /etc/exim_deny_domains is a file containing domains I want to block mail to
    /etc/exim_deny_recipients is a file containing e-mail addresses I want to block mail to
    /etc/exim_accept_senders is a file containing e-mail addresses I want to accept mail from
    /etc/exim_deny_senders is a file containing e-mail addresses I want to block mail from
    /etc/exim_deny_quotalimit is a file listing domains that are at or over their quota. This stops mail for over quota domains getting into the queue. A cronjob runs every five minutes to update the list from the output of repquota.

    All the files must exist (use touch to create them) or exim will complain.
     
    #3 nxds, Apr 17, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - allow whitelist accept
  1. ampapa

    Spamassassin - blacklist all TLD allow whitelisted TLD?

    ampapa, Mar 14, 2018, in forum: E-mail Discussion
    Replies:
    3
    Views:
    152
    cPanelMichael
    Mar 15, 2018
  2. denverdataman

    allow_url_fopen Does Not Change

    denverdataman, Jun 18, 2018 at 4:55 PM, in forum: EasyApache
    Replies:
    5
    Views:
    87
    cPanelLauren
    Jun 19, 2018 at 2:32 PM
  3. WebHostPro

    How to allow zip shell on a shared plan?

    WebHostPro, Jun 14, 2018 at 1:50 PM, in forum: General Discussion
    Replies:
    4
    Views:
    54
    cPanelMichael
    Jun 14, 2018 at 2:40 PM
  4. tomdchi

    CSF, CC_ALLOW_FILTER, and ipset

    tomdchi, Jun 7, 2018, in forum: Security
    Replies:
    1
    Views:
    55
    cPanelLauren
    Jun 8, 2018
  5. USA_Webmaster

    Allow Email Access from specific IP only, block everyone else

    USA_Webmaster, Jun 7, 2018, in forum: E-mail Discussion
    Replies:
    1
    Views:
    70
    cPanelLauren
    Jun 8, 2018

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice