Spam Blocking

I use Exim version 4 on Debian Sarge, and I want to start using a “Real-time Black-hole List” (RBL) service. How the hell do I do that?

On Woody, with Exim version 3 it was easy. There was an option in the /etc/exim/exim.conf configuration file called rbl_domains. All I needed to do was list the DNS blackhole list servers I wanted to use:

rbl_domains = sbl-xbl.spamhaus.org/reject

Easy!

Now, how does that work in Sarge? Debian-specific documentation seems to be scant, which is a shame since Debian have their own hare-brained configuration scheme for Exim. Assuming you are using the ‘split config file’ scheme, here is the answer:

Create a file called something like /etc/exim4/conf.d/main/01_spamblock and add this line to it:

CHECK_RCPT_IP_DNSBLS = sbl-xbl.spamhaus.org

That doesn’t do quite the same as the Exim v3 line above. By default, Debian’s configuration adds a X-Warning: line to the header of messages that fail this check. That’s OK with me though, because I can just filter out these messages with a rule in my mail client.

If you want to simply reject spam, then you’d probably have to change warn to deny in the file conf.d/acl/30_exim4-config_check_rcpt, here:

  # Check against classic DNS "black" lists (DNSBLs) which list
  # sender IP addresses
  .ifdef CHECK_RCPT_IP_DNSBLS
  warn
    message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
    dnslists = CHECK_RCPT_IP_DNSBLS
  .endif

There’s more useful anti-spam configuration advice over on koivi.com.

Comment · Comments Feed · TrackBack

  1. Tim said,

    1 November, 2005 @ 00:37

    Thanks for the tip!

    I was trying to figure out where to define CHECK_RCPT_IP_DNSBLS.

  2. Paul said,

    4 December, 2005 @ 19:17

    I’m not sure how loyal you are to Exim, but I setup a Debian Sarge email server at my former employer using basically the how-to at Fat of the Lan. It’s a setup for email using postfix, spamassassin, clam antivirus, amavis, and courier delivery daemons (pop and smtp). I doubt you want to change your setup so radically, but perhaps there is some useful stuff in there that you can use in your config. Also, if you’re just looking for RBL checking, I know that Postfix alone has config options for doing that w/o the need for spamassassin and amavis.

    On a side-note: I wanted to say thanks for EventCalendar! I think it will help me a lot with a project I’m working on. If that turns out to be the case, I’d like to see a “donate” paypal button here or something so that I can thank you properly for that very nice work.

  3. alex said,

    4 December, 2005 @ 19:59

    Paul: Thanks for the link. It’s an interesting read.

    You’re quite right. I don’t fancy moving from Exim to Postfix, even though I think I’d probably choose Postfix if I were going to start from scratch.

    I’m glad that you’ve found EventCalendar useful. I don’t really need beer-money contributions, but I am available for contract work if you ever need someone with my skills.

Leave a Comment

Sponsors