The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

I goofed up exim please help~

Discussion in 'General Discussion' started by procam, Nov 16, 2005.

  1. procam

    procam Well-Known Member

    Joined:
    Nov 24, 2003
    Messages:
    123
    Likes Received:
    0
    Trophy Points:
    16
    Suddenly I have this really strange error and I dont know what I did but if someone could help me fix this I would sure be appreciative~

    Heres the error

    2005-11-16 21:01:01 dnslists domain "!domains " contains strange characters - is this right?


    and heres my exim config

    domainlist rbl_blacklist = lsearch;/etc/rblblacklist
    domainlist rbl_bypass = lsearch;/etc/rblbypass
    domainlist reject_domains = lsearch;/etc/rblblacklist
    hostlist rbl_whitelist = lsearch;/etc/relayhosts : partial-lsearch;/etc/rblwhitelist
    allow_domain_literals


    Acl


    #!!# ACL that is used after the RCPT command
    check_recipient:
    # Exim 3 had no checking on -bs messages, so for compatibility
    # we accept if the source is local SMTP (i.e. not over TCP/IP).
    # We do this by testing for an empty sending host field.
    accept hosts = :

    drop hosts = /etc/exim_deny
    !hosts = /etc/exim_deny_whitelist
    message = Connection denied after dictionary attack
    log_message = Connection denied from $sender_host_address after dictionary attack
    !hosts = +relay_hosts
    !authenticated = *


    drop message = Appears to be a dictionary attack
    log_message = Dictionary attack (after $rcpt_fail_count failures)
    condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
    condition = ${run{/etc/exim_deny.pl $sender_host_address }{yes}{no}}
    !verify = recipient
    !hosts = /etc/exim_deny_whitelist
    !hosts = +relay_hosts
    !authenticated = *

    # Accept bounces to lists even if callbacks or other checks would fail

    #**#
    #**# RBL List Begin
    #**#
    #
    # Always accept mail to postmaster & abuse in any local domain
    #
    accept domains = +local_domains
    local_parts = postmaster:abuse
    deny message = :fail: Connection rejected: SPAM source $domain is manually blacklisted.
    domains = +reject_domains
    #
    # Check sending hosts against DNS black lists.
    # Accept all locally generated messages
    # Reject message if address listed in blacklist.
    deny message = Message rejected because $sender_fullhost \
    is blacklisted at $dnslist_domain see $dnslist_text
    !hosts = +relay_hosts
    !authenticated = *
    dnslists = bl.spamcop.net : \
    sbl-xbl.spamhaus.org : \
    korea.services.net : \
    # RBL Bypass Local Domain List
    !domains = +rbl_bypass
    # RBL Whitelist incoming hosts
    !hosts = +rbl_whitelist
    #**#
    #**# RBL List End
    #**#

    # Accept bounces to lists even if callbacks or other checks would fail
    warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
    condition = \
    ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
    {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
    {yes}{no}}

    accept condition = \
    ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
    {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
    {yes}{no}}


    # Accept bounces to lists even if callbacks or other checks would fail
    warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes
    condition = \
    ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
    {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
    {yes}{no}}

    accept condition = \
    ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
    {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}} \
    {yes}{no}}

    #if it gets here it isn't mailman

    #sender verifications are required for all messages that are not sent to lists

    require verify = sender
    accept domains = +local_domains
    endpass

    #recipient verifications are required for all messages that are not sent to the local machine
    #this was done at multiple users requests

    message = "The recipient cannot be verified. Please check all recipients of this message to verify they are valid."
    verify = recipient

    accept domains = +relay_domains

    warn message = ${perl{popbeforesmtpwarn}{$sender_host_name}}
    hosts = +relay_hosts
    accept hosts = +relay_hosts

    warn message = ${perl{popbeforesmtpwarn}{$sender_host_address}}
    condition = ${perl{checkrelayhost}{$sender_host_address}}
    accept condition = ${perl{checkrelayhost}{$sender_host_address}}

    accept hosts = +auth_relay_hosts
    endpass
    message = $sender_fullhost is currently not permitted to \
    relay through this server. Perhaps you \
    have not logged into the pop/imap server in the \
    last 30 minutes or do not have SMTP Authentication turned on in your email client.
    authenticated = *

    deny message = $sender_fullhost is currently not permitted to \
    relay through this server. Perhaps you \
    have not logged into the pop/imap server in the \
    last 30 minutes or do not have SMTP Authentication turned on in your email client.


    #!!# ACL that is used after the DATA command
    check_message:
    require verify = header_sender
    ######## EXISCAN ACL #########
    deny message = This message contains malformed MIME ($demime_reason)
    demime = *
    condition = ${if >{$demime_errorlevel}{2}{1}{0}}
    deny message = This message contains a virus or other harmful content ($malware_name)
    demime = *
    malware = *
    deny message = Hiding of file extensions(CLSID hidden) is not allowed.
    regex = ^(?i)Content-Disposition::(.*?)filename=\\s*"+((\{[a-hA-H0-9-]{25,}\})|((.*?)\\s{10,}(.*?)))"+\$
    deny message = This message contains an attachment of a type which wedo not accept (.$found_extension)
    demime = ade:adp:bas:bat:chm:cmd:com:cpl:crt:exe:hlp:hta:inf:ins:isp:jse:lnk:mdb:mde:msc:msi:msp:pcd:pif:reg:scr:sct:shs:url:vbs:vbe:wsf:wsh:wsc
    warn message = X-Antivirus-Scanner: Clean mail though you should still use an Antivirus
    ######## EXISCAN ACL #########

    accept



    Routers


    # Deny and send notice to list of rejected domains.
    reject_domains:
    driver = redirect
    # RBL Blacklist incoming hosts
    domains = +rbl_blacklist
    allow_fail
    data = :fail: Connection rejected: SPAM source $domain is manually blacklisted.
     
    #1 procam, Nov 16, 2005
    Last edited: Nov 16, 2005
  2. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    Somewhere roughly one third through the config you posted, you have the line:
    Code:
    !domains = +rbl_bypass
    and then in the second line of the config, you have:
    Code:
    domainlist rbl_bypass = lsearch;/etc/rblbypass
    therefore I would recommend that you check the contents of /etc/rblbypass and see if it is correct.

    Since the error you are getting states:
    Code:
    dnslists domain "!domains " contains strange characters
    you'd probably need to look through /etc/rblbypass and try and find any non-standard characters i.e. any character that is not allowed in domain names. Be sure to check for whitespace characters as they may not be obvious.
     
  3. procam

    procam Well-Known Member

    Joined:
    Nov 24, 2003
    Messages:
    123
    Likes Received:
    0
    Trophy Points:
    16
    Big thanks for your help-- thats exactly what it was - apparently you can only put domain names in the bypass and not ips as I had one ip address in there and when I removed it the error went away~ :D
    Life is good now -- thanks!!
     
  4. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    36
    No problem. I merely followed the logical path that was indicated by the error you were getting.

    In this case, the error referred to the list "!domains" and so I merely checked how this was being set, and noticed that it was being read from /etc/rblbypass. You almost got there yourself through realising which part of the Exim config to check!
     
  5. procam

    procam Well-Known Member

    Joined:
    Nov 24, 2003
    Messages:
    123
    Likes Received:
    0
    Trophy Points:
    16
    Aight -turns out it wasnt the rblbypass file-- I have fixed this badboy took all night and day to finger this one out ~ but here it is

    dnslists = bl.spamcop.net : \
    sbl-xbl.spamhaus.org : \
    korea.services.net

    If you note the above config it had a : \ at the end of the last rbl korea.services.net : \
    Apparently that caused exim to not understand what that was for~ removed it and the errors gone~~ :eek: whew~ man it woulda been so much easier if exim would just say what it means and mean what it says ~ like ho hummm Get rid of this ": \ " dummy I dont know what its for!! I woulda been looking for that right away~~ :p
     
    #5 procam, Nov 17, 2005
    Last edited: Nov 17, 2005
Loading...

Share This Page