RBLs with Exim4 (debian friendly)

Denying connections based on RBLs is a snap with Exim4. Most confusion is related to ACLs and where the definition sits.

The fastest way to deny based on RBL is to add it to whatever ACL you specify in acl_smtp_rcpt

However, you MUST put the declaration AFTER any relay allow definitions. ACLs are based on first-match which means they run in order and stop when they hit a match. Implicit allow.

Here is my ACL declared as acl_check_rcpt

  accept  hosts = :
  deny    local_parts   = ^.*[@%!/|] : ^\\.   
  accept  local_parts   = postmaster
          domains       = +local_domains
  require verify        = sender
  deny    dnslists = zen.spamhaus.org
          message = Message rejected because $sender_fullhost is blacklisted at $dnslist_domain see $dnslist_text
  accept  domains       = +local_domains
          message       = unknown user        
          verify        = recipient
  accept  domains       = +relay_to_domains
          message       = unrouteable address
          verify        = recipient
  accept  hosts         = +relay_from_hosts               
  accept  authenticated = *
  deny    message       = relay not permitted

The RBL definition is toward the bottom, after we allow everyone in that we want in. This lets people relay via SMTP-AUTH or explicit allow before checking the RBL. If they aren’t allowed via anything we allow, then we check the RBL and die with a nice message.

The Exim SMTP Mail Server
Exim: The Mail Transfer Agent
The Exim SMTP Mail Server: Official Guide for Release 4
A Practical Guide to Linux(R) Commands, Editors, and Shell Programming
Understanding the Linux Kernel
Ubuntu Hacks: Tips & Tools for Exploring, Using, and Tuning Linux (Hacks)
Linux Pocket Guide

This entry was posted in Email Servers, Exim, How Tos, Mail Post, RBL, SMTP, Software, spam. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *