You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by David Hasbrouck <da...@gmail.com> on 2008/12/29 06:55:33 UTC
All emails being tagged URIBL
Hello,
I use qmail with simscan, run spamd as a daemon. I am running Spam Assassin
3.2.5 on CentOS 4.7.
I am having an issue where all my emails are getting tagged with
URIBL_RED/GREY/BLACK.
Emails that contain invalid domains in them are also getting tagged.
>From the information I have found, to test this, I should lookup the domains
as follows:
dig somedomaingoeshere12345.com.multi.surbl.org A
Using somedomaingoeshere12345.com as an example, that isn't listed in URIBL
(and isn't even a valid domain name), but an email that contains just
somedomaingoeshere12345.com in the body is getting tagged.
We have valid domains that are also getting tagged. I looked them up in
URIBL and they are not there (both at their site and using the above dig
method). I found a few valid domains that are listed, and the dig command
properly returns an A record for those.
I am not sure what other information would be helpful, so will leave it at
this for now.
Thanks for any help!
David
Re: All emails being tagged URIBL
Posted by Kevin Golding <ke...@caomhin.demon.co.uk>.
In article <a5...@mail.gmail.com>,
David Hasbrouck <da...@gmail.com> writes
> I am having an issue where all my emails are getting tagged with
> URIBL_RED/GREY/BLACK. Emails that contain invalid domains in them
> are also getting tagged.
>
> From the information I have found, to test this, I should lookup
> the domains as follows:
>
> dig somedomaingoeshere12345.com.multi.surbl.org A
Nope, that's testing against SURBL not URIBL. The recommended way of
testing against URIBL would be:
host -tA 2.0.0.127.multi.uribl.com
http://www.uribl.com/about.shtml has some other tests to try too which
may help with your problem (hint: see the bottom part of the page).
Kevin
Re: All emails being tagged URIBL
Posted by ram <ra...@netcore.co.in>.
On Sun, 2008-12-28 at 23:55 -0600, David Hasbrouck wrote:
> Hello,
>
> I use qmail with simscan, run spamd as a daemon. I am running Spam
> Assassin 3.2.5 on CentOS 4.7.
>
> I am having an issue where all my emails are getting tagged with
> URIBL_RED/GREY/BLACK. Emails that contain invalid domains in them are
> also getting tagged.
>
save the mail as a textfile with full headers
run ( assuming u have a *nix OS )
spamassassin -D -t < /path/mail >/tmp/sa.log 2>&1
Now read the sa.log file and see exactly where the URIBL rule hit
It must be some footer/disclaimer in the mails .. that happens
frequently enough
> From the information I have found, to test this, I should lookup the
> domains as follows:
>
> dig somedomaingoeshere12345.com.multi.surbl.org A
multi.surbl.org is for SURBL rules not URIBL
> Using somedomaingoeshere12345.com as an example, that isn't listed in
> URIBL (and isn't even a valid domain name), but an email that contains
> just somedomaingoeshere12345.com in the body is getting tagged.
>
> We have valid domains that are also getting tagged. I looked them up
> in URIBL and they are not there (both at their site and using the
> above dig method). I found a few valid domains that are listed, and
> the dig command properly returns an A record for those.
>
> I am not sure what other information would be helpful, so will leave
> it at this for now.
>
> Thanks for any help!
>
> David
>
>
>
>
Re: All emails being tagged URIBL
Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.
On 28.12.08 23:55, David Hasbrouck wrote:
> I use qmail with simscan, run spamd as a daemon. I am running Spam
> Assassin 3.2.5 on CentOS 4.7.
>
> I am having an issue where all my emails are getting tagged with
> URIBL_RED/GREY/BLACK.
> Emails that contain invalid domains in them are also getting tagged.
> We have valid domains that are also getting tagged. I looked them up in
> URIBL and they are not there (both at their site and using the above dig
> method). I found a few valid domains that are listed, and the dig command
> properly returns an A record for those.
By any chance, didn't your ISP start "providing search service" for any
web name that does not exist?
> I am not sure what other information would be helpful, so will leave it at
> this for now.
X-Spam-* headers...
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes.