I didn't configure this setup rather the rbl was implemented by one of my ex-employees. Frankly, I've doubts about many of the options he configured. For example, whitelisting a domain should be good enough then why there are two more options (ip & email) for whitelisting. I could be wrong though. I got hold of him today about this configuration and he told me that he just followed the guideline from ev1's forum & tutorial from rvskin. I already found both of them:
http://forum.ev1servers.net/showthread.php?t=34689 http://www.rvskin.com/index.php?page=public/antispam The tutorial from rvskin was written meticulously but I'm not very satisfied. So, I've been trying to go through all the exim documentation to implement a good solution. RBL can not be a good solution, if I can not whitelist the desired IPs. I believe that the following strangas: accept domains = +local_domains local_parts = postmaster:abuse !hosts = @[] !authenticated = * supposed to achieve - (1) accept all emails in postmaster & abuse, (2) accept authenticated users. But I don't understand the meaning of '!hosts = @[]'. I hope that someone can shed some light on it. I changed this strangas with the following though: deny local_parts = [EMAIL PROTECTED]/|] accept local_parts = postmaster:abuse accept hosts = 127.0.0.1:+relay_hosts accept authenticated = * I'm not sure if I'm doing it right but it's working and my clients can send emails. However, I still couldn't figure out how to bypass the DNS check of some trusted senders. None of them have rDNS configured or have no A record in the PTR or listed in the spam database but my clients wants emails from these guys. So, I'm still running few experiments and of course going through the documentation of exim as well we this huge mailing list. But so far - I couldn't find anything. Can you give me some lead on this... Thank you once again for all your cooperation... Khalid ----- Original Message ----- From: "Mark Smith" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Wednesday, July 13, 2005 11:20 PM Subject: RE: [exim] how to stop exim from reverse lookup check fortrustedIPs... | | | > -----Original Message----- | > From: KHALID SHAWKAT [mailto:[EMAIL PROTECTED] | > Sent: 14 July 2005 04:59 | > To: Mark Smith; [email protected] | > Subject: Re: [exim] how to stop exim from reverse lookup | > check for trustedIPs... | > | > Thank you Mark. I did comment out the line "require verify | > reverse_host_lookup" and move "!authenticated = *" just after | > "local_parts = postmaster:abuse" but still the result is | > same. Yes, my clients has been trying to use my mail server | > and they can send mail comfortably using a different ISP. | > None of them can send email with their own ISPs and the IP | > addresses of those ISPs does not have any PTR record or 'A' | > record in PTR. | > They both can send emails though - if I disable the option | > "Verify the existance of email senders" from WHM/cPanel. Some | > of their partners can not send email even though they are in | > the whitelist. I checked that the guys, who can not send | > email have some issues with PTR record. I think that the | > problem is with that WHM option since I tried with default | > exim config setup with the same result. Do you've any | > suggestion how to make these IPs in a trusted list even | > before the option (Verify the existance of email senders) | > start checking for rDNS? | | I find this rather strange, as I actually copied your exim.conf and tried | running it with the IPs you listed. The place where they got rejected was at | the reverse lookup, and after taking that out, both IPs were accepted. | | As far as I know, the only thing WHM's "Verify the existence of email | senders" option does is to add "require verify = sender" to the RCPT ACL and | "require verify = header_sender" to the DATA ACL, and your users are being | rejected before Exim even gets to those points. | | You shouldn't need to put local users in a trusted list. You need to have an | "accept authenticated = *" line in the RCPT ACL that comes before you do all | the RBL and lookup tests. | | I don't understand what this stanza is supposed to achieve: | | accept | domains = +local_domains | local_parts = postmaster:abuse | !hosts = @[] | !authenticated = * | | Why do you not want to accept mail to postmaster from authenticated users? | | - Mark | | | | -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
