README.SpamBlocker.exim.conf.2.1.1 06-Jun-2007 Runtime configuration file for DirectAdmin/Exim 4.24 and above Requires exim.pl dated 20-Apr-2007 17:09 or later README for SpamBlocker.exim.conf.2.1.1 ===================================================================== This is the README file for the SpamBlocker.exim.conf file created and distributed by: Jeff Lasman NoBaloney Internet Services P. O. Box 52200 Riverside, CA 92517 (951) 643-5345 Note that this README file documents certain required changes which must be made to the SpamBlocker.exim.conf file before it is used. The SpamBlocker.exim.conf file documented in this README file has been created specifically for use with the DirectAdmin webserver management system developed and copyrighted by JBMC Software (http://www.jbmc-software.com/). The SpamBlocker.exim.conf file documented in this README file has been modified from the original exim.conf file as distributed with Exim 4, which includes the following copyright notice: Copyright (C) 2002 University of Cambridge, Cambridge, UK Portions of the file are taken from the exim.conf file as distributed with DirectAdmin (http://www.directadmin.com/), Copyright (C) 2003-2007 JBMC Software, St Albert, AB, Canada T8N 5C9 Portions of this file are written by Jeff Lasman, of NoBaloney Internet Services and are copyright as follows: Copyright (C) 2004-2007 NoBaloney Internet Services, Riverside, Calif., USA The entire Exim 4 distribution, including the exim.conf file, is distributed under the GNU GENERAL PUBLIC LICENSE, Version 2, June 1991. If you do not have a copy of the GNU GENERAL PUBLIC LICENSE you may download it, in it's entirety, from the website at http://www.nobaloney.net/exim/gnu-gpl-v2.txt The most recent version of this SpamBlocker.exim.conf file may always be downloaded from the website at http://www.nobaloney.net/exim/exim.conf.spamblocker Whenever you change Exim's configuration file, you *must* remember to HUP the Exim daemon, because it will not pick up the new configuration until you do. However, any other Exim processes that are started, for example, a process started by an MUA in order to send a message, will see the new configuration as soon as it is in place. You do not need to HUP the daemon for changes in auxiliary files that are referenced from this file. They are read every time they are used. It is usually a good idea to test a new configuration for syntactic correctness before installing it (for example, by running the command "exim -C /config/file.new -bV"). BEFORE USING THE SpamBlocker.exim.conf file you MUST make the following MANDATORY changes to your DirectAdmin server: ********************************************************************* MANDATORY CHANGES to your system: ********************************************************************* 1) Be sure your system includes at /etc/exim.pl the file exim.pl dated 20-Apr-2007 17:09 or later, available from: http://files.directadmin.com/services/exim.pl or from: http://www.nobaloney.net/downloads/spamblocker/DirectAdminSpamBlocker2/exim.pl If the latest version of exim.pl, as described above, is not included in your DirectAdmin configuration exim may fail to run or may run but fail to deliver any messages. ADD THE FOLLOWING FILES IF THEY DO NOT EXIST: (All files listed below should have the same ownership and permissions as /etc/virtual/domains. Normally this should be: owner = mail, group = mail, chmod 644) 1) Add a file /etc/virtual/bad_sender_hosts This file should contain the IP#s or "ehlo" names of hosts of so-called legal spammers and other spam sources that don't always get caught in blocklists, but whom you want to keep from sending spam to domains on your server for which you've enabled spamblocking. 2) Add a file /etc/virtual/blacklist_domains This file should contain the domain names of so-called legal spammers and other spam sources that do not always get caught by blocklists, but that, nevertheless, you do not want to be able to send spam to your domains on your server for which you've enabled spamblocking. 3) Add a file /etc/virtual/blacklist_senders This file should contain complete email addresses to be blacklisted from being accepted on the server. Note that the email address comes from the envelope sender, and not from any host header in the email. 4) Add a file /etc/virtual/use_rbl_domains This file should contain the domain names (as they're used for email, in most cases without the "www." prefix), of the domains for which you want SpamBlocker turned on. If you want SpamBlocker turned on for all domains, then this should be created as a symbolic link to /etc/virtual/domains. 5) Add a file /etc/virtual/whitelist_domains This file should contain any domains to be whitelisted. A domain is defined as the right side of the "@" sign in an email address. 6) Add a file /etc/virtual/whitelist_hosts This file should contain any hostnames to be whitelisted. A host is defined as the IP# or name of the server connecting to deliver a message (the "ehlo" name). 7) Add a file /etc/virtual/whitelist_senders This file should contain complete email addresses to be whitelisted. Note that the email address comes from the envelope sender, and not from any header in the email. UPGRADING FROM EARLIER VERSIONS OF SpamBlocker: If you're upgrading from an earlier version of SpamBlocker you must make the following changes to the contents of certain files: 8) Disburse the contents of /etc/virtual/whitelist_from (if any) to one of these three files: /etc/virtual/whitelist_domains /etc/virtual/whitelist_hosts /etc/virtual/whitelist_senders as applicable. Then remove /etc/virtual/whitelist_from, if it exists. ********************************************************************* MANDATORY CHANGES to the SpamBlocker.exim.conf file: ********************************************************************* NAME CHANGE When you've finished making the mandatory and perhaps optional changes to your system you should move this file (and rename it at the same time) to /etc/exim.conf DOMAIN/PAGE WITH UNBLOCKING INSTRUCTIONS: Wherever you find the domain name "example.com" in the SpamBlocker exim.conf file you must make changes to customize the file for your server. If you leave the sample "example.com" domain in this file then should your server experience any false positives (they're rare, but they can happen), you won't know about them, and you won't be able to notify the senders how to be unblocked. You must create a page where any blocked sender may visit to learn how to get his/her email address unblocked. And you must change the url from "http://example.com/" in the SpamBlocker.exim.conf file to point to your page. A sample page exists at http://www.spamblocked.net/blocked.html. However you may NOT point directly to our page. And you may NOT use the artwork at the top left and top right of that page; we do NOT own the copyright and cannot license it to you. And you may NOT use our email errors address on your page, as we cannot unblock senders to any domains we do not host. You may decide to use a form to receive unblock requests, but if you decide to use an email address (as in our example), you must change the section marked: ********************************************************************* OPTIONAL MODIFICATIONS: ********************************************************************* Note that if you decide to use this section you'll have to uncomment two lines and change the email address as follows: CHANGE TO ERRORS EMAIL ADDRESS The SpamBlocker.exim.conf file by default accepts an email to errors@example.com, for the purpose of receiving unblock requests. You should change the address to an address you want to use on your system. We recommend using the local part errors, and changing only the domain name. The code you'll need to change looks like this: # accept mail to errors@example.com, regardless of source # accept local_parts = errors # domains = example.com after changing the domain name be sure to uncomment the the bottom two lines, leaving only the first one commented. SENDER VERIFICATION: Do you want to require sender verification? By default the SpamBlocker.exim.conf file does NOT require sender verification. Sender verification denies incoming email unless the sender address can be verified. If you want to reqiure sender verification, i.e., that the sending address is routable and that mail can be delivered to it, then uncomment the line: #require verify = sender If you do NOT want to require sender verification, leave the line commented out. SPAMASSASSIN: Once you've made the MANDATORY and OPTIONAL changes to your SpamBlocker.exim.conf file, and made the MANDATORY changes to your file system, decide if you want SpamAssassin to run. Early versions of DirectAdmin always showed the SpamAssassin configuration pages to domain users, but the latest versions do not show the SpamAssassin configuration pages to users if you do not run SpamAssassin. So you should decide whether you want to run SpamAssassin or not. To run Spam Assassin, search for: # Spam Assassin and uncomment all the lines underneath, from "spamcheck_director:" through "no_verify". Do NOT uncomment the line "# Spam Assassin" itself. If you haven't already been running SpamAssassin, then you must do the following as well: 1) Install spamd & spamc cd /usr/local/directadmin/scripts ./spam.sh (use defaults for all questions asked) 2) get a "Can't locate HTML/Parser.pm in @INC" error? If so: cd /usr/local/src wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/HTML-Parser-3.35.tar.gz tar -xvzf HTML-Parser-3.35.tar.gz cd HTML-Parser-3.35 perl Makefile.PL make make install 3) start spamd /usr/bin/spamd -d -c -m 5 INSTALL THE SPAMBLOCKER.EXIM.CONF FILE Save your current /etc/exim.conf file and copy your customized SpamBlocker.exim.conf file to /etc/exim.conf. Then restart exim. That's it. Questions or comments to: Jeff Lasman NoBaloney Internet Services P. O. Box 52200 Riverside, CA 92517 (951) 643-5345