https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6922

Alessandro Vesely <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[email protected]

--- Comment #3 from Alessandro Vesely <[email protected]> ---
(In reply to comment #2)
> (In reply to comment #1)
> > So you have the dnswl data in a local DNS Server?  Can't you just copy and
> > paste the dnswl rules into your local.cf and replace the host name in them? 
> > Maybe just the one that actually contains the host name?

Yup, that works.  Obvious as it may seem, one needs to leave skip_rbl_checks at
its default value for this to take effect.  For BLACK lists, it is
straightforward that if the server had looked them up already and found a
positive result, then it would have rejected the message then.

> Or just a forward statement in your bind configuration to query your RBLDNSD
> server?  Is that your issue?

I tried and interpret http://www.dnswl.org/tech#bind and set a non-global name
like so:

zone "dnswl.local" {
    type forward;
    forward only;
    forwarders { 127.0.0.1 port 54; };
};

Then, for rbldnsd, I put -b 127.0.0.1/54.

My understanding is that if I had put "list.dnswl.org" instead, I would have
obscured the resolution for dnswl.org.  For comparison, the setting for
Courier-MTA is -allow=dnswl.local=list.dnswl.org so that it knows both what to
query and what that means.  With such setting, in the message headers I can
get:

Authentication-Results: wmail.tana.it;
    dnswl=pass dns.zone=list.dnswl.org
    policy.ip=127.0.4.3
    policy.txt="apache.org http://dnswl.org/s?s=3084";

thus, reading the result directly from the message header could be yet another
possibility.  What you think?

-- 
You are receiving this mail because:
You are the assignee for the bug.

Reply via email to