Check RBL if user is authenticated (smtp)
Hi,
I want to check RBL also if the user is authenticated. I have inserted in section "custom_begin_rbl" (in WHM ---> " Exim
Configuration Editor ---> Advanced Editor") this code:
...but exim control the RBL "xbl.spamhaus.org" only for NOT authenticated users :( I would to check also for AUTHENTICATED users. Can anyone help me?
accept
authenticated = *
warn
dnslists = xbl.spamhaus.org
set acl_m8 = 1
set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"
warn
condition = ${if eq {${acl_m8}}{1}{1}{0}}
ratelimit = 0 / 1h / strict / per_conn
log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"
drop
condition = ${if eq {${acl_m8}}{1}{1}{0}}
message = ${acl_m9}
...but exim control the RBL "xbl.spamhaus.org" only for NOT authenticated users :( I would to check also for AUTHENTICATED users. Can anyone help me?
-
Hello :) You could enable the following option in "WHM Home " Service Configuration " Exim Configuration Manager" under the "ACL Options" tab: Ratelimit suspicious SMTP servers Per it's description: Ratelimit incoming SMTP connections that do not send QUIT (violates RFCs), have recently matched an RBL, or have attacked the server. To clarify, do you mean that users on your system circumventing this option? Thank you. 0 -
This option don't check if IP of connection (with AUTH ON) is listed in RBL. I want this: check the IP in RBL of user with AUTH ON. However I have activated "Ratelimit suspicious SMTP servers", this option doesn't block the emails if the IP is in xbl.spamhaus.org. 0 -
I have solved the problem. I have insert under "acl_smtp_rcpt" in "custom_end_recipient": deny message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) dnslists = xbl.spamhaus.org
Now the IP of SMTP connection is checked if AUTH is ON.0 -
I am happy to see you were able to resolve the issue. Thank you for updating us with the outcome. 0 -
[quote="danilosp, post: 1673352">I have solved the problem. I have insert under "acl_smtp_rcpt" in "custom_end_recipient": deny message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) dnslists = xbl.spamhaus.org
Now the IP of SMTP connection is checked if AUTH is ON.
...I have updated the rule, now it's ok:deny authenticated = * message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) dnslists = xbl.spamhaus.org0
Please sign in to leave a comment.
Comments
5 comments