You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Fernando Serto <fe...@memetrics.com> on 2004/07/14 01:56:50 UTC
how to use SURBL
hi, I know it might sound a bit stupid, but I've never cared about using
SURBL, until now, after I sat on my desk on a beautiful Wednesday morning
and read Chris' email about bigevil. I haven't had any problems with it yet,
but as everyone has been suggesting for a while to use SURBL, I decided to
give it a go.
as you can see, I was downloading everything I could using RDJ:
TRUSTED_RULESETS="BIGEVIL TRIPWIRE ANTIDRUG EVILNUMBERS SARE_RANDOM
BLACKLIST BLACKLIST_URI RANDOMVAL BOGUSVIRUS SARE_ADULT SARE_FRAUD SARE_BML
SARE_RATWARE SARE_SPOOF SARE_BAYES_POISON_NXM SARE_OEM SARE_HEADER_ABUSE
SARE_CODING_HTML SARE_SPECIFIC";
I have a few questions about the whole process:
1) I know I should remove BIGEVIL from the TRUSTED_RULESETS, but how do I
add it to the SURBL? Should I just add a file called bigevil-uri.cf and add
the following lines to it?
uri WS_URI_RBL
eval:check_spamcop_uri_rbl('ws.surbl.org','127.0.0.2')
describe WS_URI_RBL URI's domain appears in spamcop database at
ws.surbl.org
tflags WS_URI_RBL net
score WS_URI_RBL 3.0
2) I have 2 files (blacklist.cf and blacklist-uri.cf), are they the same?
I've realized I have BLACKLIST and BLACKLIST-URI on my TRUSTED_RULESETS, as
well. can I get rid of BLACKLIST and only use BLACKLIST-URI?
3) If I want to use the other SURBL lists, should I just follow the same
steps of question 1? (If that's correct, of course)
Cheers,
Fernando
--
Fernando Serto
Systems Administrator
Memetrics Pty.
Phone: +61 2 95560833
Fax: +61 2 95556911
Mobile: 0403 338 005
E-mail: fernando.serto@memetrics.com
---
Certain disclaimers and policies apply to all email sent from Memetrics.
For the full text of these disclaimers and policies see
<a
href="http://www.memetrics.com/emailpolicy.html">http://www.memetrics.com/em
ailpolicy.html</a>
Re: SA 2.63 skipping some mails
Posted by Daniel Quinlan <qu...@pathname.com>.
Pat Masterson <ba...@grumman.com> writes:
> a few time a day I get this error, and SA doesnt scan the email, but
> clam does. What could be wrong:
It could be over the size limit for spamd.
If it's something else, we'd need the exact email to test it. It's
probably just the size limit or a bug or configuration setting in your
front-end program.
Daniel
--
Daniel Quinlan
http://www.pathname.com/~quinlan/
SA 2.63 skipping some mails
Posted by Pat Masterson <ba...@grumman.com>.
a few time a day I get this error, and SA doesnt scan the email, but
clam does. What could be wrong:
Aug 18 20:35:35 gateway spamass-milter[564]: [ID 567979 mail.error]
Could not extract score from <>
Aug 18 20:35:35 gateway sendmail[26092]: [ID 801593 mail.info]
i7J0ZTna026092: Milter add : he ader: X-Virus-Scanned: clamd / ClamAV
version 0.72, clamav-milter version 0.72\n\ton
gateway.northropgrumman.com
Aug 18 20:35:35 gateway sendmail[26092]: [ID 801593 mail.info]
i7J0ZTna026092: Milter add : header: X-Virus-Status: Clean
Aug 18 20:35:35 gateway sendmail[26095]: [ID 801593 mail.info]
i7J0ZTna026092: to=<bat@gr umman.com>, delay=00:00:03, xdelay=00:00:00,
mailer=local, pri=31031, dsn=2.0.0, stat=Sent
-pat
Re: how to use SURBL
Posted by Martin Hepworth <ma...@solid-state-logic.com>.
Fernando
see inline
--
Martin Hepworth
Snr Systems Administrator
Solid State Logic
Tel: +44 (0)1865 842300
Fernando Serto wrote:
> hi, I know it might sound a bit stupid, but I've never cared about using
> SURBL, until now, after I sat on my desk on a beautiful Wednesday morning
> and read Chris' email about bigevil. I haven't had any problems with it yet,
> but as everyone has been suggesting for a while to use SURBL, I decided to
> give it a go.
>
> as you can see, I was downloading everything I could using RDJ:
> TRUSTED_RULESETS="BIGEVIL TRIPWIRE ANTIDRUG EVILNUMBERS SARE_RANDOM
> BLACKLIST BLACKLIST_URI RANDOMVAL BOGUSVIRUS SARE_ADULT SARE_FRAUD SARE_BML
> SARE_RATWARE SARE_SPOOF SARE_BAYES_POISON_NXM SARE_OEM SARE_HEADER_ABUSE
> SARE_CODING_HTML SARE_SPECIFIC";
>
> I have a few questions about the whole process:
>
> 1) I know I should remove BIGEVIL from the TRUSTED_RULESETS, but how do I
> add it to the SURBL? Should I just add a file called bigevil-uri.cf and add
> the following lines to it?
> uri WS_URI_RBL
> eval:check_spamcop_uri_rbl('ws.surbl.org','127.0.0.2')
> describe WS_URI_RBL URI's domain appears in spamcop database at
> ws.surbl.org
> tflags WS_URI_RBL net
>
> score WS_URI_RBL 3.0
>
yes
> 2) I have 2 files (blacklist.cf and blacklist-uri.cf), are they the same?
> I've realized I have BLACKLIST and BLACKLIST-URI on my TRUSTED_RULESETS, as
> well. can I get rid of BLACKLIST and only use BLACKLIST-URI?
>
these are replaced by the ws.surbl.org uri list - ie the ws.surbl.org is
a merge of the sa-blacklist*.cf and bigevil.cf.
> 3) If I want to use the other SURBL lists, should I just follow the same
> steps of question 1? (If that's correct, of course)
>
yes
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote confirms that this email message has been swept
for the presence of computer viruses and is believed to be clean.
**********************************************************************
Re: how to use SURBL
Posted by Jeff Chan <je...@surbl.org>.
On Tuesday, July 13, 2004, 8:23:30 PM, Bill Bradford wrote:
> I keep seeing that SURBL is supported as a
> module that comes with SA3. I'm running -pre2, and want to know how to
> *activate* that module. Is it automatically on if I have RBL checks
> enabled?
SA 3.0 has built-in SURBL support in the urirhsbl and urirhssub
commands, and the sample config file has rules and scores for
multi.surbl.org using urirhssub, so I assume it's all active by
default, but would want someone more familiar with SA 3.0 to
confirm that.
If it's not active, how should Bill and others using -pre2
activate SURBL support?
Anyone know? :-)
Jeff C.
--
Jeff Chan
mailto:jeffc@surbl.org
http://www.surbl.org/
Re: how to use SURBL
Posted by Richard Ozer <ro...@ois-online.com>.
I'm running 2.63 with SURBL.
In CPAN, just install Net::DNS and URI.
Then install spamcop_uri
Then place the .cf rule file that comes with the spamcop distribution into
your /etc/mail/spamassassin directory.
If you use amavis, restart the daemon and you're done...
Couldn't be easier.
I didn't even bother to delete bigevil.cf .... it all just seems to work
fine ...
RO
----- Original Message -----
From: "Bill Bradford" <mr...@mrbill.net>
To: <sp...@incubator.apache.org>
Sent: Tuesday, July 13, 2004 8:23 PM
Subject: Re: how to use SURBL
> On Wed, Jul 14, 2004 at 09:56:50AM +1000, Fernando Serto wrote:
> > 1) I know I should remove BIGEVIL from the TRUSTED_RULESETS, but how do
I
> > add it to the SURBL? Should I just add a file called bigevil-uri.cf and
add
> > the following lines to it?
> > uri WS_URI_RBL
> > eval:check_spamcop_uri_rbl('ws.surbl.org','127.0.0.2')
> > describe WS_URI_RBL URI's domain appears in spamcop database at
> > ws.surbl.org
> > tflags WS_URI_RBL net
> >
> > score WS_URI_RBL 3.0
> > 2) I have 2 files (blacklist.cf and blacklist-uri.cf), are they the
same?
> > I've realized I have BLACKLIST and BLACKLIST-URI on my TRUSTED_RULESETS,
as
> > well. can I get rid of BLACKLIST and only use BLACKLIST-URI?
> > 3) If I want to use the other SURBL lists, should I just follow the same
> > steps of question 1? (If that's correct, of course)
>
> I'd like to know as well. I keep seeing that SURBL is supported as a
> module that comes with SA3. I'm running -pre2, and want to know how to
> *activate* that module. Is it automatically on if I have RBL checks
> enabled?
>
> Bill
>
> --
> bill bradford
> austin texas
>
Re: how to use SURBL
Posted by Bill Bradford <mr...@mrbill.net>.
On Wed, Jul 14, 2004 at 09:56:50AM +1000, Fernando Serto wrote:
> 1) I know I should remove BIGEVIL from the TRUSTED_RULESETS, but how do I
> add it to the SURBL? Should I just add a file called bigevil-uri.cf and add
> the following lines to it?
> uri WS_URI_RBL
> eval:check_spamcop_uri_rbl('ws.surbl.org','127.0.0.2')
> describe WS_URI_RBL URI's domain appears in spamcop database at
> ws.surbl.org
> tflags WS_URI_RBL net
>
> score WS_URI_RBL 3.0
> 2) I have 2 files (blacklist.cf and blacklist-uri.cf), are they the same?
> I've realized I have BLACKLIST and BLACKLIST-URI on my TRUSTED_RULESETS, as
> well. can I get rid of BLACKLIST and only use BLACKLIST-URI?
> 3) If I want to use the other SURBL lists, should I just follow the same
> steps of question 1? (If that's correct, of course)
I'd like to know as well. I keep seeing that SURBL is supported as a
module that comes with SA3. I'm running -pre2, and want to know how to
*activate* that module. Is it automatically on if I have RBL checks
enabled?
Bill
--
bill bradford
austin texas