You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Tobi <ja...@gmx.ch> on 2017/06/01 12:33:17 UTC
Why both DNS lookup checks fire?
Hello list
I'm running Spamassassin 3.4.0 on a Centos 7 (64bit) with latest updates.
My goal is to have an own dnsbl list for lookups in Spamassassin.
The lookup zone is multi.mydomain.tld and I have the following to checks for SA:
urirhssub XXX_RCVD_MY_URIBL_DOMAIN multi.mydomain.tld. A 16
body XXX_RCVD_MY_URIBL_DOMAIN eval:check_uridnsbl('XXX_RCVD_MY_URIBL_DOMAIN')
tflags XXX_RCVD_MY_URIBL_DOMAIN net
describe XXX_RCVD_MY_URIBL_DOMAIN contains URI domain listed
reuse XXX_RCVD_MY_URIBL_DOMAIN
urirhssub XXX_RCVD_MY_URIBL_HOST multi.mydomain.tld. A 24
body XXX_RCVD_MY_URIBL_HOST eval:check_uridnsbl('XXX_RCVD_MY_URIBL_HOST')
tflags XXX_RCVD_MY_URIBL_HOST net
describe XXX_RCVD_MY_URIBL_HOST contains URI host listed
reuse XXX_RCVD_MY_URIBL_HOST
The zone returns 127.0.0.16 for domains (without any hostpart) listed and 127.0.0.24 for hosts (domain + hostpart) listed
So far so good :-)
Problem is that both checks do fire although only 127.0.0.16 is returned by lookup
* 2.3 XXX_RCVD_MY_URIBL_DOMAIN contains URI domain listed
* [URIs: kelasalbaghdadi.com]
* 3.8 XXX_RCVD_MY_URIBL_HOST contains URI host listed
* [URIs: kelasalbaghdadi.com]
$ dig kelasalbaghdadi.com.multi.mydomain.tld
[...]
;; QUESTION SECTION:
;kelasalbaghdadi.com.multi.mydomain.tld. IN A
;; ANSWER SECTION:
kelasalbaghdadi.com.multi.mydomain.tld. 6052 IN A 127.0.0.16
There is no mention of 127.0.0.24 which would be required for XXX_RCVD_MY_URIBL_HOST to fire.
Any idea how to avoid that both checks fire up? Did I mess something up in config?
Thanks for any idea on how to solve that
tobi
Re: Why both DNS lookup checks fire?
Posted by Tobi <ja...@gmx.ch>.
Problem solved :-)
After changing the urirhssub lines to
urirhssub XXX_RCVD_MY_URIBL_DOMAIN multi.mydomain.tld. A 127.0.0.16
urirhssub XXX_RCVD_MY_URIBL_HOST multi.mydomain.tld. A 127.0.0.24
only the XXX_RCVD_MY_URIBL_DOMAIN check fires
Regards
tobi
Am 01.06.2017 um 14:33 schrieb Tobi:
> Hello list
>
> I'm running Spamassassin 3.4.0 on a Centos 7 (64bit) with latest updates.
> My goal is to have an own dnsbl list for lookups in Spamassassin.
> The lookup zone is multi.mydomain.tld and I have the following to checks for SA:
>
> urirhssub XXX_RCVD_MY_URIBL_DOMAIN multi.mydomain.tld. A 16
> body XXX_RCVD_MY_URIBL_DOMAIN eval:check_uridnsbl('XXX_RCVD_MY_URIBL_DOMAIN')
> tflags XXX_RCVD_MY_URIBL_DOMAIN net
> describe XXX_RCVD_MY_URIBL_DOMAIN contains URI domain listed
> reuse XXX_RCVD_MY_URIBL_DOMAIN
>
> urirhssub XXX_RCVD_MY_URIBL_HOST multi.mydomain.tld. A 24
> body XXX_RCVD_MY_URIBL_HOST eval:check_uridnsbl('XXX_RCVD_MY_URIBL_HOST')
> tflags XXX_RCVD_MY_URIBL_HOST net
> describe XXX_RCVD_MY_URIBL_HOST contains URI host listed
> reuse XXX_RCVD_MY_URIBL_HOST
>
> The zone returns 127.0.0.16 for domains (without any hostpart) listed and 127.0.0.24 for hosts (domain + hostpart) listed
> So far so good :-)
> Problem is that both checks do fire although only 127.0.0.16 is returned by lookup
>
> * 2.3 XXX_RCVD_MY_URIBL_DOMAIN contains URI domain listed
> * [URIs: kelasalbaghdadi.com]
> * 3.8 XXX_RCVD_MY_URIBL_HOST contains URI host listed
> * [URIs: kelasalbaghdadi.com]
>
>
> $ dig kelasalbaghdadi.com.multi.mydomain.tld
> [...]
> ;; QUESTION SECTION:
> ;kelasalbaghdadi.com.multi.mydomain.tld. IN A
>
> ;; ANSWER SECTION:
> kelasalbaghdadi.com.multi.mydomain.tld. 6052 IN A 127.0.0.16
>
> There is no mention of 127.0.0.24 which would be required for XXX_RCVD_MY_URIBL_HOST to fire.
>
> Any idea how to avoid that both checks fire up? Did I mess something up in config?
>
> Thanks for any idea on how to solve that
>
> tobi
>