Category Archives: exim

Rspamd Tips & Tricks


Rspamd is supposed to be a high performance spam filtering solution. Of any project I have worked with, it has the worst documentation of anything I have used. Obviously this is the reason the product has not been widely adopted. You may have the best software in the world, but if no one can figure out how to use it…

View Stats

rspamc stat

The command outputs some details, including how many messages were scanned, with a breakdown of classifications. It also lists details of fuzzy hashes and Bayes information.

View Configuration

rspamadm configdump

The command dumps the active configuration of rspamd. This is very useful because rspamd uses a general configuration file plus local configuration files that are merged into, or override, the default configuration.

You can drill down and look at an individual configuration element (there are many). Here are a few examples:

rspamadm configdump logging
rspamadm configdump regexp
rspamadm configdump classifier

External Sites

The following links are places I have found with good general information or documentation on RSPAMD.

0xf8.org

Message Delivery Testing with Exim

I was recently doing some troubleshooting of email delivery on an Exim server.

I wanted to see what happens when the server attempts delivery. The error in the logs was a timeout, but it does not tell you when in the process the timeout happens.

Brad the Mad has a nice Exim Cheatsheet online that gives some examples of how to manage an Exim server.

Expanding on some of his examples I used this command:

exim -v -M <message-id>

That command will force Exim to attempt a delivery of the message you define as the message-id. The addition of -v will show every step of the process, very handy.

In my test using this tool, the delivery failed. In fact, it could not even connect to the remote server at all. Yet, if I did a telnet command like this:

telnet 123.345.679.123 25

I could connect to the remote server. After some digging, I found the exim.conf file was using a command on the transport to bind the outbound connections to an IP address on the server other than the default IP.

interface      = <; 192.168.123.123

The network then had special rules on the firewall to direct outbound traffic from that IP address to a specific public IP address.

So my telnet command was giving me a positive result: I could connect to the remote server, but only because my test was not simulating the same outbound IP address as the server.

If you need to telnet out of a server and bind to a specific IP address, you can do it like this:

telnet -b <sourceaddress> <destination> <port>
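A helper for the situation above, as an added example rather than code from the original post: it lists the source addresses set with `interface =` in an Exim configuration, so a manual test can bind to the same address Exim uses. The function name and the sample configuration are constructed, and it assumes literal addresses without string expansions.

```shell
#!/bin/sh
# Added example, not from the original post.
# exim_interfaces: read an Exim configuration on stdin and print every source
# address set with "interface =", one per line.
# Assumptions: literal addresses only (no ${...} expansions); IPv6 written
# with doubled colons under the default ":" separator is not handled.
exim_interfaces() {
    awk '
        /^[ \t]*#/ { next }                      # ignore comment lines
        /^[ \t]*interface[ \t]*=/ {
            val = $0
            sub(/^[ \t]*interface[ \t]*=[ \t]*/, "", val)
            sep = ":"                            # Exim default list separator
            if (val ~ /^<./) {                   # "<;" means: use ";" instead
                sep = substr(val, 2, 1)
                val = substr(val, 3)
            }
            n = split(val, parts, sep)
            for (i = 1; i <= n; i++) {
                gsub(/^[ \t]+|[ \t]+$/, "", parts[i])
                if (parts[i] != "") print parts[i]
            }
        }
    '
}

# Constructed sample transport, using the address shown on this page.
SAMPLE_CONF='remote_smtp:
  driver = smtp
  # interface = 10.9.9.9
  interface      = <; 192.168.123.123'

printf '%s\n' "$SAMPLE_CONF" | exim_interfaces
```

On a server, feed it the real configuration (`exim_interfaces < exim.conf`) and pass each printed address to `telnet -b`.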

Compiling DNSDB Exim on Debian Wheezy Directadmin

About 1.5 years ago I did a posting with easy instructions to compile in a custom build of Exim on Directadmin.

Since then I upgraded to Debian Wheezy and Exim has been upgraded to 4.84. The step-by-step instructions don’t work anymore as a result.

Here is an updated version of those instructions.

First, ensure you have the required dependencies.

apt-get install libdb5.1-dev libperl-dev libsasl2-dev

Change all occurrences of 4.84 to the version you want to use. The sample pulls Exim from a mirror; you might need to look up a working mirror URL if this one goes down.

wget http://exim.mirrorcatalogs.com/exim/exim4/exim-4.84.tar.gz
tar xvzf exim-4.84.tar.gz
cd exim-4.84/Local
wget http://www.directadmin.com/Makefile
perl -pi -e 's/^EXTRALIBS/#EXTRALIBS/' Makefile
perl -pi -e 's/HAVE_ICONV=yes/HAVE_ICONV=no/' Makefile
perl -pi -e 's/^#LOOKUP_DNSDB=yes/LOOKUP_DNSDB=yes/' Makefile
cd ..
make
make install

The above commands will download the unmodified source for exim, extract it, download a makefile from the directadmin servers, use a perl command to adjust the makefile, compile and install the fresh exim build.

The file that is created is /usr/sbin/exim-4.84-1, so we must change the name and overwrite the existing exim file.

/etc/init.d/exim stop
cp -f /usr/sbin/exim-4.84-1 /usr/sbin/exim
chmod 4755 /usr/sbin/exim
/etc/init.d/exim start

To verify you have a working Exim with DNSDB compiled in do the following:

exim -bV

Exim 4.84

Compiling DNSDB into Exim on Debian/Directadmin

Directadmin uses Exim by default; however, the DNSDB lookup module is not available. DNSDB allows Exim to perform DNS lookups as part of mail processing. I am using it to look up SPF records of incoming mail.

Currently there is no way to add it, or enable it – not even using custombuild.  If you want it you must compile Exim from source.  Here is the procedure I used on a Debian box to get it activated.

First, ensure you have the dependencies for exim.

apt-get install libdb4.8-dev libperl-dev libsasl2-dev

Change all occurrences of 4.80.1 to the version you want to use.

wget http://files.directadmin.com/services/custombuild/exim-4.80.1.tar.gz
tar xvzf exim-4.80.1.tar.gz
cd exim-4.80.1/Local
wget http://www.directadmin.com/Makefile
perl -pi -e 's/^EXTRALIBS/#EXTRALIBS/' Makefile
perl -pi -e 's/HAVE_ICONV=yes/HAVE_ICONV=no/' Makefile
perl -pi -e 's/^#LOOKUP_DNSDB=yes/LOOKUP_DNSDB=yes/' Makefile
cd ..
make
make install

The above commands will download the unmodified source for exim, extract it, download a makefile from the directadmin servers, use a perl command to adjust the makefile, compile and install the fresh exim build.

The file that is created is /usr/sbin/exim-4.80.1-1, so we must change the name and overwrite the existing exim file.

/etc/init.d/exim stop
cp -f /usr/sbin/exim-4.80.1-1 /usr/sbin/exim
chmod 4755 /usr/sbin/exim
/etc/init.d/exim start

To verify you have a working Exim with DNSDB compiled in do the following:

exim -bV

You should get output from Exim; look for the line that lists the built-in lookups and confirm that dnsdb is listed (as seen in the image below).

dnsdb
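The verification step from both build posts, confirming that dnsdb is among the built-in lookups and that the installed binary kept the setuid bit from `chmod 4755`, as an added shell example that is not part of the original posts. The function names and the sample `exim -bV` output are constructed; it assumes the lookup list is on the line starting with `Lookups (built-in):`.

```shell
#!/bin/sh
# Added example, not from the original posts.
# has_builtin_lookup NAME: read `exim -bV` output on stdin and succeed only if
# NAME is a whole word on the "Lookups (built-in):" line (assumed line format).
has_builtin_lookup() {
    awk -v want="$1" '
        /^Lookups \(built-in\):/ {
            for (i = 3; i <= NF; i++) if ($i == want) found = 1
        }
        END { exit(found ? 0 : 1) }
    '
}

# verify_exim_build BIN: 0 = ok, 1 = dnsdb missing, 2 = setuid bit missing.
verify_exim_build() {
    bin=$1
    if ! "$bin" -bV 2>/dev/null | has_builtin_lookup dnsdb; then
        echo "$bin: dnsdb is not among the built-in lookups"
        return 1
    fi
    if [ ! -u "$bin" ]; then
        echo "$bin: setuid bit not set (the page installs it with mode 4755)"
        return 2
    fi
    echo "$bin: dnsdb present and setuid bit set"
}

# Constructed sample of `exim -bV` output for an offline check of the parser.
SAMPLE_BV='Exim version 4.84 #1 built 01-Jan-2015 00:00:00
Support for: crypteq Perl OpenSSL
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch passwd
Authenticators: cram_md5 plaintext spa'

printf '%s\n' "$SAMPLE_BV" | has_builtin_lookup dnsdb && echo "sample: dnsdb listed"
```

On the server, run `verify_exim_build /usr/sbin/exim` after the `chmod 4755` step.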