On Wednesday 11 January 2006 08:39 am, Giuliano Gavazzi wrote:

> On 11 Jan 2006, at 15:18, Bradley Walker wrote:
> > domainlist local_domains = lsearch;/etc/virtual/domains
> > domainlist relay_domains = lsearch;/etc/virtual/domains : localhost
>
> mmm, relay_domains is local_domains + localhost? Do you *relay* for
> localhost??

I think we do... The exim.conf file was written specifically for use in 
a webhosting environment (DirectAdmin).  We don't control how 
webhosting clients inject mail from the server.  If they inject using 
the sendmail alias we're not relaying their email.  But if they inject 
using smtp, I believe exim sees it as relaying.

I'd appreciate clarification from anyone who has better insight.  Dr 
Hazel?

> Honestly, I do not see the reason for this relay_domains at all (and
> related acls),

I've just looked over the acls, and from my point of view they're 
required.  Can you show me specific ones that aren't, and explain why 
the same action occurs without them?  I've only been using exim about 
three years, and I'm certainly willing to learn.

> in particular since your dnslookup router reads: 
> > lookuphost:
> >   driver = dnslookup
> >   domains = ! +local_domains
>
> what happens when someone submits an email for [EMAIL PROTECTED] then?

My mind is drawing a blank right now <frown>.  Do you mean specifically 
"@localhost" as a literal?  Something that resolves to 127.0.0.1?  Or 
something that resolves to any IP# on the server?

> For the rcpt acl:
> >   accept  senders = +whitelist_senders
>
> isn't this a narrow-open relay? (it relays anything from whitelisted
> senders)
> You need a
>
> domains = +local_domains

The purpose of whitelist_senders is to whitelist specific senders that 
may be on servers otherwise blacklisted.  It's a list that must be 
added to manually.  For example when people visit that (admittedly 
non-existent for this particular server) http://www.modemnet.net/spam/ 
page, they see instructions on how to get whitelisted, and the 
postmaster will then vet the email address, and if acceptable, will add 
it to whitelist_senders.

Do you see a problem with it that I don't?  Please teach me.

> >   deny message = Email blocked by SPAMHAUS - to unblock see
> > http://www.modemnet.net/spam/
> >        # only for domains that do want to be tested against RBLs
> >        domains = +use_rbl_domains
> >        dnslists = sbl.spamhaus.org
>
> I think that for many of these lists you are required to return their
> error messages, which is in the TXT DNS record.

I'm not sure what you mean by "required".  I'm drawing a complete blank.

What we return is a reader-friendly message directing the sender to a 
page where the problem is explained.

> >   deny message = Email blocked by SPAMCOP - to unblock see
> > http://www.modemnet.net/spam/
> >        hosts = !+relay_hosts
> >        domains = +use_rbl_domains
> >        !authenticated = *
> >        dnslists = bl.spamcop.net
>
> authenticated connections should have been accepted long ago (and
> instead you accept them down the acl).

Bradley left out a comment right above the SPAMCOP-block.  It would have 
explained why I'm checking for authentication here:

<snip>
# Next deny stuff from more "fuzzy" blacklists
# but do bypass all checking for whitelisted host names
# and for authenticated users
</snip>

We made an arbitrary decision to block unconditionally, even for our own 
senders, for some blocklists, but not for others.

> These were just some comments, it does not mean that the rest is
> fine.

Thanks very much; I appreciate your help.

Jeff
-- 
Jeff Lasman, Nobaloney Internet Services
1254 So Waterman Ave., Suite 50, San Bernardino, CA  92408
Our blists address used on lists is for list email only
Phone +1 909 266-9209, or see: "http://www.nobaloney.net/contactus.html"

-- 
## List details at http://www.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
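
Added example (not part of the original message, and not the DirectAdmin exim.conf): a small Python check for the pattern debated in the thread, an `accept` in the RCPT ACL gated only on `senders`, which Exim matches against the envelope sender that any client can set. The `BINDING` set, the function names and the sample ACL text are assumptions of this example, and the parser handles only simple `name = value` condition lines.

```python
import re

VERBS = {"accept", "deny", "require", "warn", "drop", "defer", "discard"}
# Assumption of this example: conditions that limit where mail may go or who sends it.
BINDING = {"domains", "hosts", "authenticated"}
COND = re.compile(r"^(!?)\s*(\w+)\s*=\s*(.*)$")

def parse_acl(text):
    """Return [(verb, [(negated, name, value), ...]), ...] for simple ACL text."""
    stmts = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if parts[0] in VERBS:            # a verb starts a new ACL statement
            stmts.append((parts[0], []))
            line = parts[1] if len(parts) > 1 else ""
        m = COND.match(line)
        if m and stmts:                  # condition belongs to the latest statement
            stmts[-1][1].append((m.group(1) == "!", m.group(2), m.group(3)))
    return stmts

def sender_only_accepts(text):
    """Accept statements gated on `senders` with no non-negated binding condition."""
    hits = []
    for verb, conds in parse_acl(text):
        names = {name for negated, name, _ in conds if not negated}
        if verb == "accept" and "senders" in names and not names & BINDING:
            hits.append(conds)
    return hits

# Constructed sample, modelled on the ACL lines quoted in the thread.
WEAK = """
# whitelisted senders bypass the blocklists
accept  senders = +whitelist_senders
deny    message = Email blocked by SPAMCOP - to unblock see http://www.modemnet.net/spam/
        hosts = !+relay_hosts
        domains = +use_rbl_domains
        !authenticated = *
        dnslists = bl.spamcop.net
"""
# The same ACL with the restriction suggested in the thread added.
FIXED = WEAK.replace("+whitelist_senders",
                     "+whitelist_senders\n        domains = +local_domains")

if __name__ == "__main__":
    for label, acl in (("weak", WEAK), ("fixed", FIXED)):
        print(label, sender_only_accepts(acl))
```

Run against a real configuration, a hit is a prompt to review that statement by hand, since list definitions and earlier ACL statements are outside what this check reads.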
