HOWTO - Using the RBL

The MAPS (Mail Abuse Protection System) RBL (Realtime Blackhole List) is a means of identifying hosts that have been associated with the sending of spam mail. A full description of the service and the technology and ethics behind it can be found at http://www.mail-abuse.org/rbl/ along with more general mail policy information at http://www.mail-abuse.org/.

In the few years since MAPS started operating, other similar services, although with different aims, procedures and reliabilities, have been introduced. MAPS itself has a number of these (e.g. MAPS/DUL, which maintains lists of dial-up modems). The other major source was ORBS, a more proactive relay blocking service, but this has recently closed down. For this reason the examples now use RSS from mail-abuse.org in place of ORBS.

Exim can use the MAPS RBL and/or any other similarly defined service (i.e. you could make your own additional maps as well). To use Exim for this you need to be running version 1.80 or later; the configuration examples in this document are specifically for version 3.00 and later. The old version of this document, covering older versions of Exim, can be found here.

Exim RBL Support

Exim has supported RBL from version 1.80, although the flexibility was increased (with a related change in configuration options) on the release of Exim 3.00.

The exim RBL support allows one or more RBL systems to be checked and messages from hosts within each RBL to be either rejected or marked by the addition of an extra header X-RBL-Warning:. It is also possible to have a limited number of recipients bypass the RBL reject functions completely, thus allowing postmaster (for example) to receive mail even from an RBL blocked site.

RBL Configuration Options

These are fully detailed in the Exim Specification Document. The specific section on RBL is here and the rbl directives are documented starting here

A typical configuration would be a mail system which rejects mail from machines that appear within either the MAPS RBL list or the MAPS DUL (Dial-Up List), and also checks hosts against the RSS lists, but only marks each message as coming via an RBLed host rather than rejecting it. Additionally, all mail to the local postmaster always gets through, even if the host is in the MAPS RBL list. You also have a local private set of IPs on net 192.168.0.0/24 which relay out through this mail server; these cannot be contacted from outside your organisation, so RBL is not an issue.

The configuration fragment (in the main part of the exim configuration file) to do this is:-

# reject messages whose sending host is in MAPS/RBL & MAPS/DUL
# add warning to messages whose sending host is in RSS
rbl_domains = blackholes.mail-abuse.org/reject : \
        dialups.mail-abuse.org/reject : \
        relays.mail-abuse.org/warn 
# check all hosts other than those on internal network
rbl_hosts = !192.168.0.0/24:0.0.0.0/0
# but allow mail to postmaster@my.dom.ain even from rejected host
recipients_reject_except = postmaster@my.dom.ain
# change some logging actions (collect more data)
# log headers of accepted RBLed messages
rbl_log_headers
# log recipient info of accepted RBLed messages
rbl_log_rcpt_count
    

The information to do more complicated manipulations can be found in the specification document and is outside the scope of this note.
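
The decision order the configuration fragment above sets up, modelled in Python as an added example (not Exim's code and not part of the original note). DNS answers are replaced by a constructed set of listings using documentation addresses; decide, is_listed and rbl_query_name are hypothetical names, and the reversed-octet query name is the usual DNS blocklist convention rather than something this note specifies.

```python
import ipaddress

# Zones and actions copied from the rbl_domains setting in the fragment.
RBL_DOMAINS = [
    ("blackholes.mail-abuse.org", "reject"),
    ("dialups.mail-abuse.org", "reject"),
    ("relays.mail-abuse.org", "warn"),
]
# rbl_hosts = !192.168.0.0/24:0.0.0.0/0 -> internal hosts are never checked.
RBL_EXEMPT_NETS = [ipaddress.ip_network("192.168.0.0/24")]
# recipients_reject_except
REJECT_EXCEPT = {"postmaster@my.dom.ain"}

# Constructed sample data standing in for live DNS answers (assumption).
CONSTRUCTED_LISTINGS = {
    "2.2.0.192.blackholes.mail-abuse.org",
    "7.100.51.198.relays.mail-abuse.org",
    "5.0.168.192.dialups.mail-abuse.org",  # internal host, must be ignored
}

def rbl_query_name(ip, zone):
    """DNS name queried for an IPv4 host: octets reversed, zone appended."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def is_listed(ip, zone, listings=CONSTRUCTED_LISTINGS):
    # A live check is a DNS A lookup of this name; any answer means "listed".
    return rbl_query_name(ip, zone) in listings

def decide(ip, recipient, listings=CONSTRUCTED_LISTINGS):
    """Return (action, matched_zones) for one recipient of one message."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in RBL_EXEMPT_NETS):
        return ("accept", [])                 # host excluded by rbl_hosts
    hits = [(z, a) for z, a in RBL_DOMAINS if is_listed(ip, z, listings)]
    reject = [z for z, a in hits if a == "reject"]
    warn = [z for z, a in hits if a == "warn"]
    if reject and recipient not in REJECT_EXCEPT:
        return ("reject", reject)
    if reject:
        return ("accept-exception", reject)   # postmaster still gets the mail
    if warn:
        return ("accept-with-warning", warn)  # X-RBL-Warning: header added
    return ("accept", [])
```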


Nigel Metheringham

$Id: rbl.html,v 1.3 2001/05/10 11:24:39 nigel Exp $