The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

rejecting mail connection with exim when no rDNS

Discussion in 'E-mail Discussions' started by nagyosha, Aug 14, 2014.

  1. nagyosha

    nagyosha Member

    Joined:
    Mar 9, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi all
    i'm finding lots of spam getting thru on my server . even more getting stopped so i'm half way there.

    i also have configserver mailscanner setup ..

    nearly all the main spam now that gets thru has no reverse DNS by the looks of it. or at least that is what i see in mailwatch.
    so i'd like to refuse connections to exim for inbound mail if there is no reverse dns for the sender it as that seems like it could reduce server load also..
    i'd considered just loading the score a bit more in mailscanner for this however as far as the spammers are concerned it has been delivered as they do not see it not getting delivered.

    therefor the most useful way to combat it would be just to refuse there connection at the start.
    i've read on an article suggestign i add the below to exim (http://www.pasztor.at/2013/01/07/filtering-spam-with-exim-only/)
    rules in the RCPT ACL.
    Code:
    drop message   = Client Policy Restriction: No (consistent) reverse DNS set.
         condition = ${if !def:sender_host_name}
    drop message   = Client Policy Restriction: No (consistent) reverse DNS set.
         condition = ${if isip{$sender_host_name} {yes}{no}}
    drop message   = Client Policy Restriction: No (consistent) reverse DNS set.
         condition = ${if eq{$sender_host_name}{} {yes}{no}}
    drop message   = Client Policy Restriction: No (consistent) reverse DNS set.
         !verify   = reverse_host_lookup
    this will according to the article refuse there connection .
    I'm not to sure where to add this though ..
    looked in Service Configuration » Exim Configuration Manager
    and then advanced .. but seeking advice as do not want to break anything lol
     
  2. nagyosha

    nagyosha Member

    Joined:
    Mar 9, 2014
    Messages:
    19
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  4. smileybri

    smileybri Member

    Joined:
    Dec 17, 2010
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    I know this is old, but when I tried to do this it resulted in outgoing message errors. Users using Outlook or some other SMTP client tarted getting "550 Administrative prohibition" errors that stopped as soon as I disabled the added ACL as in the link above.

    Is there a new way to reject mail from servers with invalid PTR that will not cause such an issue, or do I have to change some other option in order to use this ACL?

    Currently I am using SpamAssassin to give a high score to this rule but SA is processing an extremely high number of messages that match this rule and this is incredibly inefficient.

    Any help is appreciated. Thank you.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Please let us know if the following thread helps:

    https://forums.cpanel.net/threads/reverse-dns-lookup.421161/

    Thank you.
     
  6. asmithjr

    asmithjr Well-Known Member

    Joined:
    Jun 13, 2003
    Messages:
    475
    Likes Received:
    1
    Trophy Points:
    18
    I opened Exim Configuration Manager then the Advanced Tab. Locate custom_begin_recp_verify then copy and pasted the like in that text area. Upon viewing my exim.conf file I see the content in the file in the #BEGIN ACL_RECP_VERIFY_BLOCK section of the file.

    I am not aware of any trouble as I just tried this but I have sent test emails to accounts on the server and they delivered.
     
    #6 asmithjr, Oct 7, 2015
    Last edited by a moderator: Oct 8, 2015
Loading...

Share This Page