The MAPS (Mail Abuse Protection System) RBL (Realtime Blackhole - List) is a means of identifying hosts that have been associated - with the sending of spam mail. A full description of the service - and the technology and ethics behind it can be found at http://www.mail-abuse.org/rbl/ along with more general mail policy information at http://www.mail-abuse.org/.
@@ -18,25 +19,59 @@In the few years since MAPS started operating, other similar services although with different aims, procedures and reliabilities have been introduced - MAPS itself has a number of - these (ie MAPS/DUL which maintains lists of dial up modems), the - other major source was ORBS, - which is a more proactive relay blocking service, however this has - recently closed down. For this reason the examples now use RSS - from mail-abuse.org in place of ORBS
- -Exim can use the MAPS RBL and/or any other similarly defined - service (ie you could make your own additional maps as well). To - use exim for this you need to be running version 1.80 or later, - the configuration example in this document are specifically for - version 3.00 and later - the old version of this document, - covering older versions of exim can be found here.
- -Exim has supported RBL from version 1.80, although the flexibility was increased (with a related change configuration - options) on the release of Exim 3.00
+ options) on the release of Exim 3.00. With the release of Exim + 4.00 the whole basis of policy checks on incoming mail changed + to be based on a set of Access Control Lists (ACLs) applied at + various during the incoming mail transaction. For this reason + the configuration of Exim 4.x and later to use DNSBLs is + complete different to that used for earlier versions. + +In Exim 4.x a DNSBL lookup can be used in any of the incoming SMTP + ACLs. However it is typical for the lookups to be used in the ACL + handling RCPT TO - this allows policies to accept mail + for postmaster or other special local parts (for + example so a blocked sender can talk to the local postmaster + about getting blocks lifted or excluded)
+ +The use of DNSBLs is substantially documented in the main exim + specification or the 4.x versions, so will not be covered in + detail here. However a couple of examples can be given
++ # Add a warning header if the sending host is in these + # DNSBLs but acccept the message (or rather leave it for + # later ACLs to accept/deny + warn message = X-blacklisted-at: $dnslist_domain + dnslists = blackholes.mail-abuse.org : \ + dialup.mail-abuse.org + + + + # Reject messages from senders listed in these DNSBLs + deny dnslists = blackholes.mail-abuse.org ++ +
Documentation on these features can be found in the + specification section on + + Access Control Lists.
+ +The exim RBL support allows one or more RBL systems to be checked and messages from hosts within each RBL to be either @@ -47,7 +82,7 @@ an RBL blocked site.
-These are fully detailed in the Exim
@@ -75,14 +110,14 @@
# add warning to messages whose sending host is in RSS
rbl_domains = blackholes.mail-abuse.org/reject : \
dialups.mail-abuse.org/reject : \
- relays.mail-abuse.org/warn
+ relays.mail-abuse.org/warn
# check all hosts other than those on internal network
rbl_hosts = !192.168.0.0/24:0.0.0.0/0
# but allow mail to postmaster@my.dom.ain even from rejected host
recipients_reject_except = postmaster@my.dom.ain
# change some logging actions (collect more data)
-rbl_log_headers # log headers of accepted RBLed messages
-rbl_log_rcpt_count # log recipient info of accepted RBLed messages
+rbl_log_headers # log headers of accepted RBLed messages
+rbl_log_rcpt_count # log recipient info of accepted RBLed messages
The information to do more complicated manipulations can be
@@ -91,6 +126,6 @@ rbl_log_rcpt_count # log recipient info of accepted RBLed messages
Nigel Metheringham
- $Id: rbl.html,v 1.3 2001/05/10 11:24:39 nigel Exp $
+ $Cambridge$