Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

sa-dnsbl-example.cf@ 64

Last change on this file since 64 was 42, checked in by Kris Deugau, 12 years ago

/trunk

Rename SA fragment in uribl/, and add one in dnsbl/

File size: 3.1 KB

Line
1	# This is an example configuration fragment for the IP blacklist
2
3	ifplugin Mail::SpamAssassin::Plugin::DNSEval
4
5	# Note the effectiveness here relies on an accurate trust path in trust.cf
6	# Scores have not been automatically balanced but have been in active production use for several years.
7
8	# Core DNS lookup triggered by this rule
9	header __RCVD_IN_LOCAL_DNSBL eval:check_rbl('local-dnsbl-lastexternal','dnsbl.dnsbl.')
10
11	# IP
12	header LOCAL_RBL_IP eval:check_rbl_sub('local-dnsbl-lastexternal','2')
13	describe LOCAL_RBL_IP IP listed on internal RBL
14	score LOCAL_RBL_IP 2.0
15
16	# Automatic-threshold block listings
17	header LOCAL_RBL_2DELEG eval:check_rbl_sub('local-dnsbl-lastexternal','4')
18	describe LOCAL_RBL_2DELEG Preemtive secondary delegation netblock listing on internal RBL
19	score LOCAL_RBL_2DELEG 1.6
20	header LOCAL_RBL_1DELEG eval:check_rbl_sub('local-dnsbl-lastexternal','8')
21	describe LOCAL_RBL_1DELEG Preemptive delegated netblock listing on internal RBL
22	score LOCAL_RBL_1DELEG 1.0
23	header LOCAL_RBL_REGISTRAR eval:check_rbl_sub('local-dnsbl-lastexternal','16')
24	describe LOCAL_RBL_REGISTRAR Preemptive registrar allocation netblock listing on internal RBL
25	score LOCAL_RBL_REGISTRAR 0.8
26
27	# Manually-tagged block "owners". mask 64 is skipped here for historical compatibility for tagged blocks below
28	header LOCAL_RBL_ORG eval:check_rbl_sub('local-dnsbl-lastexternal','32')
29	describe LOCAL_RBL_ORG Preemptive registrar netblock owner listing on internal RBL
30	score LOCAL_RBL_ORG 1.0
31	header LOCAL_RBL_ORG1 eval:check_rbl_sub('local-dnsbl-lastexternal','256')
32	describe LOCAL_RBL_ORG1 Preemptive delegated netblock owner listing on internal RBL
33	score LOCAL_RBL_ORG1 1.2
34	header LOCAL_RBL_ORG2 eval:check_rbl_sub('local-dnsbl-lastexternal','512')
35	describe LOCAL_RBL_ORG2 Preemptive secondary delegated netblock owner listing on internal RBL
36	score LOCAL_RBL_ORG2 1.4
37
38	# Manually-tagged blocks
39	header LOCAL_RBL_BLOCK eval:check_rbl_sub('local-dnsbl-lastexternal','64')
40	describe LOCAL_RBL_BLOCK Preemptive netblock listing based on out-of-band data
41	score LOCAL_RBL_BLOCK 1.3
42	header LOCAL_RBL_BLOCK1 eval:check_rbl_sub('local-dnsbl-lastexternal','1024')
43	describe LOCAL_RBL_BLOCK1 Preemptive delegated netblock out-of-band listing on internal RBL
44	score LOCAL_RBL_BLOCK1 1.5
45	header LOCAL_RBL_BLOCK2 eval:check_rbl_sub('local-dnsbl-lastexternal','2048')
46	describe LOCAL_RBL_BLOCK2 Preemptive secondary delegated netblock out-of-band listing on internal RBL
47	score LOCAL_RBL_BLOCK2 1.7
48
49	# meta rule to catch multiple whole-block hits
50	meta __LOCAL_RBL_MUTILBLOCK (LOCAL_RBL_REGISTRAR + LOCAL_RBL_BLOCK1 + LOCAL_RBL_BLOCK2 + LOCAL_RBL_1DELEG + LOCAL_RBL_2DELEG + LOCAL_RBL_ORG + LOCAL_RBL_ORG1 + LOCAL_RBL_ORG2) > 1
51
52	# The "I'm a spammer, tag meeee!" score. Specifically assigned to particular IPs that
53	# need to be called spam, NOT to be combined with any other sublistings.
54	header LOCAL_RBL_LASTRESORT eval:check_rbl_sub('local-dnsbl-lastexternal','128')
55	describe LOCAL_RBL_LASTRESORT Obnoxious spam source IP that won't go away by other means
56	score LOCAL_RBL_LASTRESORT 4.5 # Could be scored higher if you need a bigger stick
57
58	endif # Mail::SpamAssassin::Plugin::DNSEval

Note: See TracBrowser for help on using the repository browser.

Download in other formats:

Original Format