Exim SpamBlocker blacklist/whitelist files


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » Email » Exim

Exim SpamBlocker blacklist/whitelist filesLast Modified: Aug 7, 2019, 6:56 pm
Exim supports several backlist and whitelist files. Information on using each one, below:

BlackList


  • /etc/virtual/blacklist_domains

    The blacklist_domains is a nwildlsearch file, meaning you can use wildcards.  It will contain any sending address domain you wish to block.  Valid entries might be:

    spam.com
    *.spam

    which blocks an explict domain, or all domains ending with the spam domain extension, (eg: would catch email@bad.spam)
  • /etc/virtual/blacklist_senders

    Similar to the blacklist_domains, but would be a list of email addresses, wildcards accepted.  Samples in this file might be

    email@bad.spam
    *@bad.spam

NOTE: These 2 files will only be activated on domains which are enabled in the /etc/virtual/use_rbl_domains file.   Usually, you'd just go to:

Admin Level -> Admin Settings -> Use RBL Blocking [x]

to enable it, which replaces the use_rbl_domains file, with a symlink to the domains file (all domains on the server).  Make sure "Use RBL Blocking" is enabled, else the blacklist files will not have any effect.

Outbound DirectAdmin Username/SMTP login blocks


  • /etc/virtual/blacklist_usernames
    /etc/virtual/blacklist_smtp_usernames
    /etc/virtual/blacklist_script_usernames

    These 3 files are to block OUTBOUND email from leaving your server.  See this guide on how to use them.



WhiteList


  • /etc/virtual/whitelist_domains

    This is also an nwildsearch, so the same format at the blacklist_domains applies.  However this is for the destination domains.. meaning NO SCANNING WILL BE DONE on these recipient domains.   Rarely will you ever want to use this.  It should be 0 bytes 99.999% of the time.  Basically means any spam can arrive to this local domain list, which is not usually what would be desired.
  • /etc/virtual/whitelist_senders

    An wilcard addresslist of sending/From emails that should be accepted without any scanning.  Useful if you must recieve emails from a specific sender.  However, this value can be spoofed so would typically not be the best way to whitelist a sender.
  • /etc/virtual/whitelist_hosts

    This is a wildcard hostlist, containing a remote sending server's hostname.  We usually expect a host to be forward and reverse to point to each other, so server.host.com resolves to 1.2.3.4, and 1.2.3.4 rDNS resolves to server.host.com.  Sample format

    server.host.com
    *.host.com

  • /etc/virtual/whitelist_hosts_ip

    This is very similar to the whitelist_hosts file, except we use IPs, which can contain ranges. It does not support wildards. Samples:

    1.2.3.4
    1.2.3.0/24


The WhiteList entries are not linked to the use_rbl_domains file.
Using the whitelists is somewhat agressive in that it may bypass all scanning, allowing more in that you were expecting.

© 2018 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST