Exim ACL for blocking certain senders

This is definitely not spamIf you're in a need for fast and simple solution to block certain senders directly on Exim mail server, you're in luck. Couple of weeks back I needed to blacklist a spammer on a relay mail server, so that I could take my time and carefully trace the origin server/script from where the spam was being sent.

Implementing sender blocklist is very simple. Just open Exim's configuration file - if you're using CentOS or RHEL, look no further than /etc/exim/exim.conf. On Debian based distributions Exim's configuration is split into multiple files, so the recommended way of reconfiguring Exim is with dpkg-reconfigure exim4-config.

 

So the whole ACL is pretty short, simple and self explanatory:

acl_check_data:
    deny senders = /etc/deny_senders
    accept

The chances are that you already have acl_check_data: defined in your exim.conf, so basically you'll just need to add the second line below it.

Afterwards, you can put senders you wish to block in /etc/deny_senders. You can either block specific e-mail address or whole domains. Here are some examples:

user@domain.tld
user@sub.domain.tld
*@spammer.tld
*@lol.cats.tld

Note that after adding ACL you'll need to restart Exim, however editing deny_senders list doesn't require restart.

Category: 

6 comments

25
Nov

can you block a whole TLD using the method stated here in the /etc/deny_senders file *.tld
25
Nov

I didn't test that, but you should be able to blacklist whole TLD. Feel free to try it and let me know how it goes Wink

6
Sep

Yes, whole top level domains can be blocked.
8
May

if i use this rule whole domains got blocked. please tell me what to do.
9
Jul

i am using smpt so where i have to put thsi lines ?
14
Oct

it doesn't work for me. I made a file /etc/exim4/conf.d/acl/deny_senders and put : *@abc.xyz abc.xyz in the 40_exim4-config_check_data file I tried putting "deny senders = /etc/exim4/conf.d/acl/deny_senders" at the end just above "accept" and then at the top just after "acl_check_data:" but the mail still shoots out. Im trying to shoot a mail from PHP Mail function. I think we need to have Exim Differentiate from where the Mail Originates ? I mean the directory pertaining to domain name or something ? If we can blacklist /home/web/ Exim would deny sending mail from any mail X:originate from that Directory ? just a wild guess... Any more clues ?

Add new comment