.@ Tony Finch – blog

I’ve just rolled out the as-yet-unreleased Exim 4.44 on our central email servers (ppswitch). We’re the first people to run it in anger, and I think it’s the first time ppswitch has been quite this close to the forefront of technology :-)

A lot of the features in Exim 4.4x have been requested by me in order to improve the service on ppswitch, especially stuff related to submission mode, callout verification, logging, and DNS blacklisting. This helps to make the configuration nice and tidy as well as implementing the correct functionality.

A particularly nice feature in 4.44 is the ability to reject on the basis that a domain’s name servers are operated by known spammers:

  deny message  = The name servers for the domain ${sender_address_domain} \
                  are listed at ${dnslist_domain} ($dnslist_value); \
                  See ${dnslist_text}
       dnslists = sbl.spamhaus.org/${lookup dnsdb{>:a=\
                                   ${lookup dnsdb{>:zns=\

My configuration file is now over 1000 lines, about half of which are blank or comments. I have another 200 lines of prototype configuration (which implement cryptographic bounce authentication) to test and roll out…