ReadMe for NoBaloney SpamBlocker Technology(TM) exim.conf Version 3.2.6-RC 18-May-2010 =============================================================================== IMPORTANT NOTE: The version of the NoBaloney SpamBlocker Technology(TM) exim.conf file on this webpage has the following requirements and will not work unless they are met: Must run Dovecot and Maildir file system /etc/exim.pl must be as distributed by DirectAdmin: http://files.directadmin.com/services/exim.pl and must be dated 28-March-2008 or later. Must run with exim version 4.60 or greater =============================================================================== By default, NoBaloney SpamBlocker Technology(TM), Spam Assassin, and ClamAV are all available in this exim.conf file but they do not run by default; be sure to read the documention included in the exim.conf file (look for the word EDIT in all caps to see places where you may need to edit the file. =============================================================================== IMPORTANT NOTE: This exim.conf file MUST be edited before it is installed on your server. If you do NOT edit this file it may not run. If it does run then it may not run properly, or with all the options you expect.. =============================================================================== BEFORE INSTALLING this exim.conf file on your server you should search for lines including the word EDIT and check to see what you have to do in order for this exim.conf file to work on your server. =============================================================================== If you have a prepopulated bad_sender_hosts file and if it's populated with listings which consist of IP#s, then those listings must be moved out of the bad_sender_hosts file and into the bad_sender_hosts_ip file. =============================================================================== If you have a prepopulated whitelist_hosts file and if it's populated with listings which consist of IP#s, then those listings must be moved out of the whitelist_hosts file and into the whitelist_hosts_ip file. =============================================================================== This is the README file for the NoBaloney SpamBlocker Technology(TM) exim.conf file created and distributed by: NoBaloney Internet Services Post Office Box 52200 Riverside, CA 92517-3200 voice: +1 951 643-5345 fax: +1 951 552-1182 spamblocker -at- nobaloney.net The NoBaloney SpamBlocker Technology(TM) exim.conf file documented herein has been created specifically for use with the DirectAdmin webserver management system developed and copyrighted by JBMC Software (http://www.jbmc-software.com/). The NoBaloney SpamBlocker Technology(TM) exim.conf file documented herein has been modified from the original exim.conf file as distributed with Exim 4, which includes the following copyright notice: Copyright (C) 2002 University of Cambridge, Cambridge, UK Portions of the file are taken from the exim.conf file as orignally distributed with the DirectAdmin control panel (http://www.directadmin.com/), Copyright (C) 2003-2010 JBMC Software, St Albert, AB, Canada Portions of this file are written by NoBaloney Internet Services and are copyright as follows: Copyright (C) 2004-2010 NoBaloney Internet Services, Riverside, Calif., USA The entire Exim 4 distribution, including the exim.conf file, is distributed under the GNU GENERAL PUBLIC LICENSE, Version 2, June 1991. If you do not have a copy of the GNU GENERAL PUBLIC LICENSE you may download it, in it's entirety, from the website at http://www.nobaloney.net/downloads/gnu-gpl-v2.txt The most recent version of this NoBaloney SpamBlocker Technology(TM) exim.conf file may always downloaded from the website at http://www.nobaloney.net/downloads/spamblocker/ Whenever you change Exim's configuration file, you *must* remember to HUP the Exim daemon, because it will not pick up the new configuration until you do. However, any other Exim processes that are started, for example, a process started by an MUA in order to send a message, will see the new configuration as soon as it is in place. You do not need to HUP the daemon for changes in auxiliary files that are referenced from this file. They are read every time they are used. It is usually a good idea to test a new configuration for syntactic correctness before installing it (for example, by running the command "exim -C /config/file.new -bV"). BEFORE USING THE NoBaloney SpamBlocker Technology(TM) exim.conf file you MUST make certain MANDATORY changes, and may make certain OPTIONAL changes to your DirectAdmin server: These changes are documented directly in the exim.conf file, generally following the word EDIT (in all caps as shown) embedded in comments in the file. Before installing the file you should search it, using an editor, to find all instances of the word EDIT and make all required and desired optional changes to the file. If you do not, your exim installation may fail to run, or may run but without the desired functionality. ********************************************************************* ACCEPTING UNAUTHENTICATED EMAIL FOR RELAY: ------------------------------------------ By default this exim.conf file will not allow relay of mail submitted unauthenticated on port 25. This may cause problems for users not already sending password authenticated email on port 587 who do not use a fully qualified domain name (FQDN) in their helo statement. To allow relay of mail for authenticated users on port 25 or on port 587 who do not use an FQDN in their helo statement, you should comment out the three deny checks following ACCEPTING AUTHENTICATED EMAIL FOR RELAY in this exim.conf file. DOMAIN/PAGE WITH UNBLOCKING INSTRUCTIONS: ----------------------------------------- You should create a page where any blocked sender may visit to learn how to get his/her email address unblocked. If you do so then you should change error messages returned by this exim.conf file to direct blocked senders to your page. A sample page exists at http://www.spamblocked.net/blocked.html. However you may NOT point directly to our page. And you may NOT use the artwork at the top left and top right of that page; we do NOT own the copyright and cannot license it to you. You may decide to use a form to receive unblock requests, but if you decide to use an email address (as in our example), you must install your own email address as follows: CHANGE TO ERRORS EMAIL ADDRESS The NoBaloney SpamBlocker Technology(TM) exim.conf file by default accepts an email to errors@example.com, for the purpose of receiving unblock requests. You should change the address to an address you want to use on your system. We recommend using the local part errors, and changing only the domain name. The code you'll need to change looks like this: # accept mail to errors@example.com, regardless of source # EDIT AS REQUIRED TO FIT YOUR ENVIRONMENT # EDIT be sure to change to use your own email address # accept local_parts = errors # domains = example.com after changing the local_parts and domain name parts of the address be sure to uncomment the the bottom two lines, leaving only the first one commented. SENDER VERIFICATION: -------------------- By default this release of the NoBaloney SpamBlocker Technology(TM) exim.conf file DOES require sender verification. This is contrary to previous version which by default did NOT require Sender Verification. Sender verification denies incoming email unless the sender address is verified to be routable, and in the case of local senders, to exist. If you do not want to require sender verification, then simply comment out the line: require verify = sender If you DO want to require sender verification, leave the line uncommented. SPAMASSASSIN: ------------- Once you've made the MANDATORY and OPTIONAL changes to your NoBaloney SpamBlocker Technology(TM) exim.conf file, and made the MANDATORY changes to your file system, decide if you want SpamAssassin to run. Early versions of DirectAdmin always showed the SpamAssassin configuration pages to domain users, but the latest versions do not show the SpamAssassin configuration pages to users if you do not run SpamAssassin. You should decide whether you want to run SpamAssassin or not. To run Spam Assassin, first make sure that Spam Assassin is running on your server. Note that these instructions may also be run to update SpamAssassin. 1) Install spamd & spamc cd /usr/local/directadmin/scripts ./spam.sh (use defaults for all questions asked) 2) get a "Can't locate HTML/Parser.pm in @INC" error? If so: cd /usr/local/src wget http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/HTML-Parser-3.35.tar.gz tar -xvzf HTML-Parser-3.35.tar.gz cd HTML-Parser-3.35 perl Makefile.PL make make install 3) start spamd /usr/bin/spamd -d -c -m 5 After Spam Assassin is installed, then in your exim.conf file search for: # Spam Assassin and uncomment all the lines underneath, from "spamcheck_director:" through "no_verify". CLAM AV: -------- There are several threads on the DirectAdmin Forums discussing installation of ClamAV. One of them (possibly not up-to-date and possibly not workable in your installation) may be found at: http://www.directadmin.com/forum/showthread.php?s=05209e736437c5bb29cd9535eeaf5e42&threadid=10478 Once you've installed ClamAV on your server, make sure to check all the EDIT locations in your new exim.conf file to be certain it's properly configured. DONE? ----- When you've done all of the above check your ACL messages for typographical errors, and save the file in a work directory. Then test it by running the following command, to check the file for syntactical errors: exim -C /config/file.new -bV where /config/file.new is replaced by the path to your new file. When this passes, then move the file to /etc/exim.conf (save your old file), and restart exim. Then send an email to your own account on the server, to make sure it arrives, and send an email from the server, and one from your desktop, to an account not on the server, to make sure it arrives. If something isn't working you can either revert to your previous exim.conf file or you can watch your /var/log/exim/mainlog file to find any errors. That's it. Questions should be asked, and will be addressed in, the appropriate forum in the DirectAdmin forum at http://www.directadmin.com/forum/ Comments (which may not be responded to) should be sent to: NoBaloney Internet Services Post Office Box 52200 Riverside, CA 92517-3200 voice: +1 951 643-5345 fax: +1 951 552-1182 spamblocker -at- nobaloney.net