DNSWL question
I've started seeing some spam come through that gets labeled with RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/;, which imparts a negative score if the relay is listed in their db. Here at the Lab, we have an email gateway at the front, which is the single point of entry for email to the Lab, and then forwards the emails to the respective servers. Can't get around that issue, it's mandated by the Lab. Been looking through the doccy's and I've either glossed over it, or there is no section dealing specifically with this rule set that would allow me to turn off this rule. Can someone point me in the right direction as to how and where I can turn off this rule if it can be turned off? Thanks, Mark
Re: DNSWL question
Quoting Mark Wendt (Contractor) [EMAIL PROTECTED]: I've started seeing some spam come through that gets labeled with RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/;, which imparts a negative score if the relay is listed in their db. Here at the Lab, we have an email gateway at the front, which is the single point of entry for email to the Lab, and then forwards the emails to the respective servers. Can't get around that issue, it's mandated by the Lab. Been looking through the doccy's and I've either glossed over it, or there is no section dealing specifically with this rule set that would allow me to turn off this rule. Can someone point me in the right direction as to how and where I can turn off this rule if it can be turned off? Thanks, Mark Just set the score to 0 (zero). Any rule can be disabled by setting the score to zero. Cheers, Jeff C.
Re: DNSWL question
Mark Wendt (Contractor) wrote: I've started seeing some spam come through that gets labeled with RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/; Can someone point me in the right direction as to how and where I can turn off this rule if it can be turned off? In local.cf: score RCVD_IN_DNSWL_MED 0.00 Jon
Re: DNSWL question
Mark Wendt (Contractor) writes: I've started seeing some spam come through that gets labeled with RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/;, which imparts a negative score if the relay is listed in their db. Here at the Lab, we have an email gateway at the front, which is the single point of entry for email to the Lab, and then forwards the emails to the respective servers. Can't get around that issue, it's mandated by the Lab. You may also find trusted_networks and internal_networks to be helpful; specify the gateway's IP in those lists. --j.
Re: DNSWL question
Justin Mason wrote: Mark Wendt (Contractor) writes: I've started seeing some spam come through that gets labeled with RCVD_IN_DNSWL_MED RBL: Sender listed at http://www.dnswl.org/;, which imparts a negative score if the relay is listed in their db. Here at the Lab, we have an email gateway at the front, which is the single point of entry for email to the Lab, and then forwards the emails to the respective servers. Can't get around that issue, it's mandated by the Lab. You may also find trusted_networks and internal_networks to be helpful; specify the gateway's IP in those lists. Agreed. I would *STRONGLY* suggest fixing the problem, rather than trying to treat the symptoms by disabling rules. Right now SA appears to be confused about where your network borders are. Fix that, and it will fix a lot of other problems (ie: whitelist_from_rcvd won't work for you correctly) See also: http://wiki.apache.org/spamassassin/TrustPath