Weird exim4 problem: I added a spammer's IP range from whois to my /etc/exim4/local_host_blacklist file and, checking over an hour later, noticed I was still getting spam from that range. Checked using the -bh option and the entry wasn't being recognized. Moved the entry to the top of the file, and it worked. What? The file clearly wasn't too large, only 122 lines, but I cut it down to the latest 20 or so and tried again. Nope, again it didn't block the spammer's IP. Looked at the file more carefully: there was one misformed entry with just the number 8. Exim was obviously reading up to that line, and discarding the rest. Edited that line out of the saved blocklist, restored the entire blocklist, and tried again. Success.
The command used for testing: swaks --to jc@unternet.net --from spammer@unternet.net -pipe "exim4 -bh 72.11.129.2" > /tmp/exim4.log
last updated 2022-06-07 14:27:15. served from tektonic.jcomeau.com