Exim DNS blacklist HOWTO

Posted on April 13, 2007 by segfault

I’m assuming that you’re using Debian Etch and also that you’re using the split Exim configuration. If you’re not using the split configuration or you aren’t sure which configuration you’re using, follow the instructions but make all the edits in /etc/exim4/exim4.conf.template.

Open /etc/exim4/conf.d/main/02_exim4-config-options and insert the following line:

CHECK_RCPT_IP_DNSBLS = sbl-xbl.spamhaus.org

If you want to add more DNS blacklists, separate them with colons like so:

CHECK_RCPT_IP_DNSBLS = sbl-xbl.spamhaus.org : bl.spamcop.net : cbl.abuseat.org

Next edit /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt. Search for the CHECK_RCPT_IP_DNSBLS acl and change the warn to deny like so:

.ifdef CHECK_RCPT_IP_DNSBLS
deny
message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
dnslists = CHECK_RCPT_IP_DNSBLS
.endif

Now restart Exim so that it runs using the modified configuration files:

/etc/init.d/exim4 restart

That’s it! When a remote MTA with an IP listed in Spamhaus attempts to send your Exim server an email, it will be rejected even before the data SMTP command

This entry was posted in Mail. Bookmark the permalink.

2 Responses to Exim DNS blacklist HOWTO

  1. Nick says:
    November 11, 2009 at 4:24 am

    Thank you – quick and simple.

    Nick

  2. anon says:
    January 6, 2010 at 9:23 pm

    thanks as well!

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="">