[redirecting with full-quote to ML - please do not take discussions off-list without good reason]
On 2016-02-11 Amanda Giarla <[email protected]> wrote: > Sorry for the lack of clarity. > I'm working on a training server with the general goal of managing email. > The specific task at this moment is understanding email blacklisting. > The server is set up withUbuntu, VestaCP, exim4, dovecot, clamAV, > spamassassin etc. > The exim4 log file is located at* /var/log/exim4/mainlog* > I can > *tail -f /var/log/exim4/mainlog* > and watch exim make log entries on inbound emails > For example the following test message was sent from my iphone via sonic.net > and the following appeared in the log file > 2016-02-10 18:56:51 1aTect-0003kd-Gx <= [email protected] H=c.mail.sonic.net > [64.142.111.80] P=esmtps X=TLS1.2:DHE_RSA_AES_128_CBC_SHA256:128 S=1781 id= > [email protected] > 2016-02-10 18:56:51 1aTect-0003kd-Gx => jane <[email protected]> > R=localuser T=local_delivery > 2016-02-10 18:56:51 1aTect-0003kd-Gx Completed > Notice that the log entry of the email includes the *From: IP Address of > [64.142.111.80]* > So I created the following file > */etc/exim4/local_host_blacklist* > and placed the the IP address 64.142.111.80 in the file. > Note: That IP address is the only thing in the file. > did a > *service exim4 restart* > Resent a message from my iPhone and the following was logged in* > /var/log/exim4/mainlog* > Nothing was entered in* /var/log/exim4/rejectlog* > 2016-02-11 12:46:05 1aTvJd-0003Wp-DM <= [email protected] H=c.mail.sonic.net > [64.142.111.80] P=esmtps X=TLS1.2:DHE_RSA_AES_128_CBC_SHA256:128 S=1781 id= > [email protected] > 2016-02-11 12:46:05 1aTvJd-0003Wp-DM => jane <[email protected]> > R=localuser T=local_delivery > 2016-02-11 12:46:05 1aTvJd-0003Wp-DM Completed > If the black list mechanism is working then I expected to see a difference > in log entries. > But I did not. > So clearly EITHER the exim4 blacklist mechanism is broken* (not likely)* OR > I have miss interpreted the documentation and messed something up (Which of > course is the most likely thing that has happened). [...] This should work and you should be able to find the cause with swaks --to [email protected] --from [email protected] -pipe "exim -bh 64.142.111.80" cu Andreas -- `What a good friend you are to him, Dr. Maturin. His other friends are so grateful to you.' `I sew his ears on from time to time, sure' -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
