Exim supports several backlist and whitelist files. Information on using each one, below:
The blacklist_domains is a nwildlsearch file, meaning you can use wildcards. It will contain any sending address domain you wish to block. Valid entries might be:
which blocks an explict domain, or all domains ending with the spam domain extension, (eg: would catch firstname.lastname@example.org)
Similar to the blacklist_domains, but would be a list of email addresses, wildcards accepted. Samples in this file might be
NOTE: These 2 files will only be activated on domains which are enabled in the /etc/virtual/use_rbl_domains file. Usually, you'd just go to:
Admin Level -> Admin Settings -> Use RBL Blocking [x]
to enable it, which replaces the use_rbl_domains file, with a symlink to the domains file (all domains on the server). Make sure "Use RBL Blocking" is enabled, else the blacklist files will not have any effect.
These 3 files are to block OUTBOUND email from leaving your server. See this guide on how to use them.
This is also an nwildsearch, so the same format at the blacklist_domains applies. However this is for the destination domains.. meaning NO SCANNING WILL BE DONE on these recipient domains. Rarely will you ever want to use this. It should be 0 bytes 99.999% of the time. Basically means any spam can arrive to this local domain list, which is not usually what would be desired.
An wilcard addresslist of sending/From emails that should be accepted without any scanning. Useful if you must recieve emails from a specific sender. However, this value can be spoofed so would typically not be the best way to whitelist a sender.
This is a wildcard hostlist, containing a remote sending server's hostname. We usually expect a host to be forward and reverse to point to each other, so server.host.com resolves to 220.127.116.11, and 18.104.22.168 rDNS resolves to server.host.com. Sample format
This is very similar to the whitelist_hosts file, except we use IPs, which can contain ranges. It does not support wildards. Samples:
The WhiteList entries are not linked to the use_rbl_domains file.
Using the whitelists is somewhat agressive in that it may bypass all scanning, allowing more in that you were expecting.