You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by stevek <st...@onshore.com> on 2006/04/18 03:09:01 UTC

Adding RBLs

We are currently testing SA 3.1.0 - as our installation may end up being 
quite large. For several years we have run our own dnsrbl lists and would 
like to incorporate them into SA. Most are IPV4sets, but we do have one 
RHBL list. Unfortunately, we have not been successful in getting the rules 
to fire. We have tried adding them to both a variation of 
20_dnsbl_tests.cf and to the local.cf.


Here is a sample of the type of rule we are loading:

## Local RBL

header   RLBL_OSH_RBL  rbleval:check_rbl('rblos', 'rbl.onshore.com.')
describe RLBL_OSH_RBL  rbl.onshore.com
tflags   RLBL_OSH_RBL  net

header   RLBL_OSH_RBL  rbleval:check_rbl_results_for('rblos', '127.0.0.4')
describe RLBL_OSH_RBL  Host in rbl.onshore.com
tflags   RLBL_OSH_RBL  net

score    RLBL_OSH_RBL     3.0

spamassassin -D --lint shows no errors; however the rules don't seem to 
get called, or fire when we send a test mail from a host listed in the 
RBL. Other dnsrbls -- ie. spamcop, sorbs  -- seem to work fine.


Any help would be appreciated.

TIA - sjk


------------------------------------
Steven Kent
onShore Networks
http://www.onshore.com
fingerprint: pub  1024D/D2779F66 2004-04-07

Re: Adding RBLs

Posted by Matt Kettler <mk...@comcast.net>.

stevek wrote:
> We are currently testing SA 3.1.0 - as our installation may end up
> being quite large. For several years we have run our own dnsrbl lists
> and would like to incorporate them into SA. Most are IPV4sets, but we
> do have one RHBL list. Unfortunately, we have not been successful in
> getting the rules to fire. We have tried adding them to both a
> variation of 20_dnsbl_tests.cf and to the local.cf.
>
>
> Here is a sample of the type of rule we are loading:
>
> ## Local RBL
>
> header   RLBL_OSH_RBL  rbleval:check_rbl('rblos', 'rbl.onshore.com.')
> describe RLBL_OSH_RBL  rbl.onshore.com
> tflags   RLBL_OSH_RBL  net
>
> header   RLBL_OSH_RBL  rbleval:check_rbl_results_for('rblos',
> '127.0.0.4')
> describe RLBL_OSH_RBL  Host in rbl.onshore.com
> tflags   RLBL_OSH_RBL  net
>
> score    RLBL_OSH_RBL     3.0

Two things:

First, rename the first grouping of header, describe and tflags to
__RLBL_OSH_RBL. Note the addition of double-underscore at the beginning.
This choice of naming is key if you don't want the base rule to fire off
with a score of 1.0 if the RBL returns anything at all.

You cannot ever have two rules with the same name. If this ever happens,
the second declaration over-writes the first. This is very much
intentional, as it allows local configurations to "patch" the default
rulesets, if they so desire, by over-writing the rule with a different
version. Basically, your setup using the same name causes the second
group of three to over-write and destroy the first three, preventing the
rule from running because there is no check_rbl call.

Second, I'd also suggest changing "check_rbl_results_for" to
"check_rbl_sub". check_rbl_results_for is deprecated, and present for
backward compatibility only.

>
> spamassassin -D --lint shows no errors; however the rules don't seem
> to get called, or fire when we send a test mail from a host listed in
> the RBL. Other dnsrbls -- ie. spamcop, sorbs  -- seem to work fine.
>
>
> Any help would be appreciated.
YW.