Date

I use Exim version 4 on Debian Sarge, and I want to start using a "Real-time Black-hole List" (RBL) service. How the hell do I do that?

On Woody, with Exim version 3 it was easy. There was an option in the /etc/exim/exim.conf configuration file called rbl_domains. All I needed to do was list the DNS blackhole list servers I wanted to use:

rbl_domains = sbl-xbl.spamhaus.org/reject

Easy!

Now, how does that work in Sarge? Debian-specific documentation seems to be scant, which is a shame since Debian have their own hare-brained configuration scheme for Exim. Assuming you are using the 'split config file' scheme, here is the answer:

Create a file called something like /etc/exim4/conf.d/main/01_spamblock and add this line to it:

CHECK_RCPT_IP_DNSBLS = sbl-xbl.spamhaus.org

That doesn't do quite the same as the Exim v3 line above. By default, Debian's configuration adds a X-Warning: line to the header of messages that fail this check. That's OK with me though, because I can just filter out these messages with a rule in my mail client.

If you want to simply reject spam, then you'd probably have to change warn to deny in the file conf.d/acl/30_exim4-config_check_rcpt, here:

# Check against classic DNS "black" lists (DNSBLs) which list
# sender IP addresses
.ifdef CHECK_RCPT_IP_DNSBLS
warn
  message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
  log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
  dnslists = CHECK_RCPT_IP_DNSBLS
.endif

There's more useful anti-spam configuration advice over on koivi.com.