On 2017-01-13 at 14:55 +0000, jpff wrote: > This used to work but recently it seems to have stopped (last hit on 7 > Dec 2016) Has something changed or am I missing something obvious?
What's your revision history on the file? What about on another file which might be a whitelist which you check first, to avoid hitting the blacklist: did you accidentally whitelist most of the Internet from getting checked by the blacklist? Do you whitelist against an online DNSxL which might have changed status recently and so is returning "whitelist" in response to _all_ your queries? These are the sorts of things which `exim -d+acl -bh $bad_ip` will expose for you. (See Jeremy pointing to -bh too). At the start of December 2016, the Avalanche fraud network was taken down; that's the sort of event which might shift traffic patterns. The Spamhaus DROP and EDROP lists are useful data-sources for keeping up-to-date, if you're not already using them. -Phil -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
