Whitelisting RBL domains

Mise

Well-Known Member
May 15, 2011
92
10
58
I have one customer receiving emails from one cloud service which uses different ips:
Code:
omta37.uswest2.a.cloudfilter.net 35.89.44.36
omta037.useast.a.cloudfilter.net  44.202.169.36
..etcetera.
and some times that cloud service falls in some RBL spam lists:
Code:
# exim_checkaccess 44.202.169.36 [email protected]
Rejected:
  550-"JunkMail rejected - omta037.useast.a.cloudfilter.net [44.202.169.36] is in
  550-an RBL: IP 44.202.169.36 ......
I was not able to find a way to bypass the RBL checking for any "cloudfilter.net" subdomain. Documentation in CPanel about the option /etc/skiprbldomains is not very complete:

Finally, I have found one Exim specification to use "wildlsearch" instead "lsearch":

"wildlsearch or nwildlsearch: These search a file linearly, like lsearch, but instead of being interpreted as a literal string, each key in the file may be wildcarded.[...]
The following forms of wildcard are recognized:
*.a.b.c data for anything.a.b.c
*fish data for anythingfish"
9. File and database lookups


then I have included *.cloudfilter.net inside /etc/skiprbldomains, and inside WHM > Exim > Advanced Editor, I have changed the line:

domainlist skip_rbl_domains = lsearch;/etc/skiprbldomains
by this:
domainlist skip_rbl_domains = wildsearch;/etc/skiprbldomains

However, after building and restart Exim there is this error inside /var / log / exim_paniclog :

Code:
unknown lookup type "wildsearch"
Why the Exim wildsearch key doesn't work?
 
Last edited by a moderator:

Mise

Well-Known Member
May 15, 2011
92
10
58
finally I have included a partial-lsearch in this line of the Exim advanced editor

"hostlist greylist_common_mail_providers = partial-lsearch;/etc/greylist_common_mail_providers"

because the line "!hosts = +greylist_common_mail_providers" exists in every RBL list

Then I have included *.subdomains inside empty file /etc/greylist_common_mail_providers, and chattr +i the file to avoid changes.

Hope it can works.

Anyway, some option to whitelist domain hostnames is very needed. There are services of that style who are renting many Amazon AWS and similar solutions to use many host subdomains with different ips to send legitimate e-mail.

A perfect option to avoid breaking the anti-spam filters in all the server would be whitelisting *.domains for concrete email addresses.
 
  • Like
Reactions: cPRex