cPanel & WHM Version 92 has been released, and brings a slew of great updates. Take a look at what is included, and then upgrade today!

Exempt Remote domains from RBL checking

dkTronicsCL shared this idea 6 years ago
Open Discussion

The option to include domains in the file etc/skiprbldomains work fine to indicate local domains (local accounts) who do not use the rbl, but would be great another option for whitelist remote domains against the rbls.


Example with spamhaus_rbl (implemented on exim.conf):


#Actual list to indicate local domains (local accounts) who do not use the rbl

domainlist skip_rbl_domains = lsearch;/etc/skiprbldomains


#New List to indicate incoming email domains that will not be checked against the rbl.

domainlist whitelist_rbl_senders = lsearch;/etc/whitelistrblsenders


# BEGIN INSERT spamhaus_rbl


deny message = JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text

hosts = +backupmx_hosts

dnslists = zen.spamhaus.org


warn

!sender_domains = +whitelist_rbl_senders

!domains = +skip_rbl_domains

dnslists = zen.spamhaus.org

set acl_m8 = 1

set acl_m9 = "JunkMail rejected - $sender_fullhost is in an RBL, see $dnslist_text"


warn

condition = ${if eq {${acl_m8}}{1}{1}{0}}

ratelimit = 0 / 1h / strict / per_conn

log_message = "Increment Connection Ratelimit - $sender_fullhost because of RBL match"


drop

condition = ${if eq {${acl_m8}}{1}{1}{0}}

message = ${acl_m9}


# END INSERT spamhaus_rbl


This configuration works well for me, but I have edit exim.conf manually every time I change the exim config from whm.

Best Answer
photo

Regarding:


"I have edit exim.conf manually every time I change the exim config from whm."


Simply make your changes using the Exim Configuration "Advanced" editor in WHM and your changes will persist even through cPanel updates and other config changes. Manual edits to exim.conf are never supported and we advise against doing so.


The behavior you're mentioning is achievable through a sanctioned and supported way (it will not revert out) using the advanced editor.


Please understand that this does not indvalidate this feature request, but I wanted to provide that bit of helpful information so you could utilize your custom code easily and not have it revert out in the future.

Comments (5)

photo
1

Regarding:


"I have edit exim.conf manually every time I change the exim config from whm."


Simply make your changes using the Exim Configuration "Advanced" editor in WHM and your changes will persist even through cPanel updates and other config changes. Manual edits to exim.conf are never supported and we advise against doing so.


The behavior you're mentioning is achievable through a sanctioned and supported way (it will not revert out) using the advanced editor.


Please understand that this does not indvalidate this feature request, but I wanted to provide that bit of helpful information so you could utilize your custom code easily and not have it revert out in the future.

photo
2

Hello Brian,

The problem with Exim Configuration "Advanced" is that only permit modify on sections "custom_begin_rbl" and " custom_end_rbl", but the modification is necessary "in middle" of the ACL lines for every RBL in use.

Perhaps the same can be implemented using both mention sections. If it were possible suggestions are appreciated!. :)

photo
1

Hello,


Just wanted to bump this feature up, this option is extremely required.

photo
1

Is ther any plan for its implementation?

photo
1

I wish to protect messages being sent from specific domains listed in /etc/skiprbldomains from RBL filtering. These domains send mail through Exchange servers. The Exchange mail comes from a random variety of mail-[XXXX######].outbound.protection.outlook.com servers with a variety of IP addresses. I do not know all the Exchange IPs nor do I wish to allow all mail sent through Exchange as there is plenty of spam. Certain RBLs provide a high level of desired filtering with a small number of casualties. However, even a few messages filtered can disrupt business.

I've just manually modified my exim.conf by changing all instances of


!domains = +skip_rbl_domains


to


!sender_domains = +skip_rbl_domains



I don't have internal domains to skip and this hack should work for a while.


NOTE: cPanel documentation on Skip RBLs on specific domains is not clear that the feature only works on internal domains and not remote.


To skip RBLs for specific domains, log in as the root user and use your preferred text editor to create and edit the /etc/skiprbldomains file.

Add the domains to the file, with one domain name per line.

After you create the /etc/skiprbldomains file, enable the skip_rbl_domains directive.