Author: Tafaz
Visits: 1749
Date: 13.04.2010
in this howto we're going to install and configure greylistd and RBL on a machine running debian etch, directadmin and exim4 in oder to limit spam.
first of all let's explain what RBLs and grelistd are.
RBLs (Real-time Blackhole List) are public lists of IP addresses that support spam, using this lists we allow exim to drop emails coming from these addresses before it will pass them trough spamassassin, reducing the server load.
to enable RBLs we have to simply add the domains configured on our machine to /etc/virtual/use_rbl_domains
cd /etc/virtual
rm -f use_rbl_domains
ln -s domains use_rbl_domains
we make a simbolic link to /etc/virtual/domains, doing so we let directadmin directly update the domains list that use RBLs.
if you're facing problems with RBLs you can simply remove this checks simply removing the symbolic link and touching /etc/virtual/use_rbl_domains
cd /etc/virtual
rm -f use_rbl_domains
touch use_rbl_domains
once enabled RBLs checks we can directly check on exim log their work looking at /var/log/exim/mainlog
2010-04-09 18:59:36 H=(LWJKVXB) [117.201.35.60] F=<att@ci.lincoln.ne.us> rejected RCPT <xxxxxx@yyyyyy.com>: Email blocked by SPAMHAUS - to unblock see http://www.example.com/
in this case the spamy mail has been rejected by SPAMHAUS filter!
in order to avoid problems we suggest to disable SPAMCANNIBAL filtrer editing exim.conf and commenting the following lines by putting a dash in front of them. we block spamcannibal because is a little bit stronger and often block nonspam emails.
# deny using bl.spamcannibal.org : see http://www.spamcannibal.org/cannibal.cgi
# moved to last place to check logs to see how much it blocks
# note if using spamcannibal you should probably whitelist constantcontact.com
deny message = Email blocked by SPAMCANNIBAL - to unblock see http://www.example.com/
hosts = !+relay_hosts
domains = +use_rbl_domains
!authenticated = *
dnslists = bl.spamcannibal.org
below is the commented spamcannibal rule
# deny using bl.spamcannibal.org : see http://www.spamcannibal.org/cannibal.cgi
# moved to last place to check logs to see how much it blocks
# note if using spamcannibal you should probably whitelist constantcontact.com
#deny message = Email blocked by SPAMCANNIBAL - to unblock see http://www.example.com/
#hosts = !+relay_hosts
#domains = +use_rbl_domains
#!authenticated = *
#dnslists = bl.spamcannibal.org
now simply restart exim
/etc/init.d/exim restart
now let's install greylistd
aptitude update
aptitude install greylistd
here it comes the most tricky part of this tutorial, the graylistd configuration:
let's open /etc/exim.conf and find
begin acl
# ACL that is used after the RCPT command
check_recipient:
Se vuoi discutere con noi su questo articolo o comunque vuoi porci delle domande usa il nostro Forum
