On Tuesday 19 Aug 2003 1:12 pm, Bryan Phinney wrote:
> Not sure if this is the right list for this type of question but I will
> plunge in anyway. I am running Postfix 2.04 on my Linux system and using
> Fetchmail to pull down mail from my ISP and inject it into Postfix. I have
> local aliases setup for all of the ISP accounts so the mail comes in from
> the ISP mail address and is then routed to the local address.
>
> What I am trying to do is to get Postfix to use RBL checks to bounce mail
> when it comes from a DNSBL listed address. I am currently using Procmail
> and Spamassassin for filtering but the DNSBL filters in Spamassassin don't
> seem to be working at all since mail is never tagged when it comes from a
> DNSBL listed spammer. I suspect that it is seeing the headers from my ISP
> as the originating source due to Fetchmail and is therefore deciding that
> blocklisted spam is actually from my ISP and thus okay.
>
> I also suspect that the Postfix RBL client restrictions are failing for
> much the same reason, it reads the ISP headers and decides that the mail is
> okay.
>
> Has anyone on the list implemented a solution that enables DNSBL filtering
> from Postfix when mail is injected with Fetchmail, or even some method of
> directly checking DNSBL from Procmail and rejecting the mail there?
By default spamassassin disables the DNSBL tests.
Have you enabled it by putting
score RCVD_IN_RBL 10
score RCVD_IN_RSS 1
score RCVD_IN_DUL 1
score RCVD_IN_BL_SPAMCOP_NET 4
in ~/.spamassassin/user_prefs (for per user), or
/etc/mail/spamassassin/local.cf (for all users) ?
If you add the following text to /etc/mail/spamassassin/local.cf then
spamassassin will also check the www.njabl.org open relay blacklist.
header IN_NJABL_ORG rbleval:check_rbl('njabl','dnsbl.njabl.org.')
describe IN_NJABL_ORG Received via a relay in dnsbl.njabl.org
tflags IN_NJABL_ORG net
header NJABL_OPEN_RELAY rbleval:check_rbl_results_for('njabl',
'127.0.0.2')
describe NJABL_OPEN_RELAY DNSBL: sender is Confirmed Open Relay
tflags NJABL_OPEN_RELAY net
header NJABL_DUL rbleval:check_rbl_results_for('njabl',
'127.0.0.3')
describe NJABL_DUL DNSBL: sender ip address in in a dialup block
tflags NJABL_DUL net
header NJABL_SPAM_SRC rbleval:check_rbl_results_for('njabl',
'127.0.0.4')
describe NJABL_SPAM_SRC DNSBL: sender is Confirmed Spam Source
tflags NJABL_SPAM_SRC net
header NJABL_MULTI_STAGE rbleval:check_rbl_results_for('njabl',
'127.0.0.5')
describe NJABL_MULTI_STAGE DNSBL: sent through multi-stage open relay
tflags NJABL_MULTI_STAGE net
header NJABL_CGI rbleval:check_rbl_results_for('njabl', '127.0.0.8')
describe NJABL_CGI DNSBL: sender is an open formmail
tflags NJABL_CGI net
header NJABL_PROXY rbleval:check_rbl_results_for('njabl', '127.0.0.9')
describe NJABL_PROXY DNSBL: sender is an open proxy
tflags NJABL_PROXY net
score IN_NJABL_ORG 0.38
score NJABL_DUL 0.62
score NJABL_MULTI_STAGE 0.75
score NJABL_PROXY 3.00
score NJABL_OPEN_RELAY 3.00
score NJABL_CGI 1.50
score NJABL_SPAM_SRC 3.00
derek
--
----------------------------------
www.jennings.homelinux.net
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
