Re: check_rbl question
Michael Grant via users skrev den 2023-07-07 17:41: On Fri, Jul 07, 2023 at 04:50:18PM +0200, giova...@paclan.it wrote: if can(Mail::SpamAssassin::Conf::has_tflags_nolog) tflags URIBL_IVMURI net nolog else tflags URIBL_IVMURI net endif and Benny Pedersen's idea of using a rule like: header __FOO eval:check_rbl('ivmSIP-lastexternal', 'my_key.inv-sip.') meta INVSIP __FOO describe IVMSIP listed at dnsbl.invaluement.com/ivmsip, score IVMSIP 5 Neither of these are ideal. I really need to see what ip address is being looked up. Perhaps yes, I'll need to do a feature request. header __RCVD_IN_AUTHBL eval:check_rbl('authbl','your_DQS_key.authbl.dq.spamhaus.net.') tflags __RCVD_IN_AUTHBLnet metaRCVD_IN_AUTHBL __RCVD_IN_AUTHBL describeRCVD_IN_AUTHBL Received via a relay in Spamhaus AuthBL so maybe nolog and debug mode ? feature request imho, it have never being supported without meta yet, but why not use syslogs ?, this will not be in recipients mailbox that way maybe nolog, extended to syslog only ? syslog __foo foo_ip 'metadata' grep foo_ip /var/log/messages thinking just load now :)
Re: check_rbl question
On Fri, Jul 07, 2023 at 04:50:18PM +0200, giova...@paclan.it wrote: > if can(Mail::SpamAssassin::Conf::has_tflags_nolog) > tflags URIBL_IVMURI net nolog > else > tflags URIBL_IVMURI net > endif and Benny Pedersen's idea of using a rule like: header __FOO eval:check_rbl('ivmSIP-lastexternal', 'my_key.inv-sip.') meta INVSIP __FOO describe IVMSIP listed at dnsbl.invaluement.com/ivmsip, score IVMSIP 5 Neither of these are ideal. I really need to see what ip address is being looked up. Perhaps yes, I'll need to do a feature request. signature.asc Description: PGP signature
Re: check_rbl question
On 7/7/23 16:18, Michael Grant via users wrote: I'm using check_rbl with some paid lists for example invaluement. I don't want to put my license key into the rule or it ends up in the spamassassin X-Spam-Report header. On one server, I've configured bind9 with DNAME records to hide the key. But what do others do? Is there some easier way to do this? If you are using SpamAssassin 4.0 you can use the "nolog" feature like this: ifplugin Mail::SpamAssassin::Plugin::URIDNSBL urirhssub URIBL_IVMURI uri.XXX.invaluement.com. A 2 body URIBL_IVMURI eval:check_uridnsbl('URIBL_IVMURI') describe URIBL_IVMURI listed on ivmURI found at invaluement.com if can(Mail::SpamAssassin::Conf::has_tflags_nolog) tflags URIBL_IVMURI net nolog else tflags URIBL_IVMURI net endif score URIBL_IVMURI 2.0 reuse URIBL_IVMURI endif Giovanni OpenPGP_signature Description: OpenPGP digital signature
Re: check_rbl question
Michael Grant via users skrev den 2023-07-07 16:18: I'm using check_rbl with some paid lists for example invaluement. I don't want to put my license key into the rule or it ends up in the spamassassin X-Spam-Report header. On one server, I've configured bind9 with DNAME records to hide the key. But what do others do? Is there some easier way to do this? this is imho a feature requst, what eval calls are used ? example https://github.com/spamhaus/spamassassin-dqs/blob/master/4.0.0%2B/sh_hbl.cf will not reveal keys if need to do rbl, make __foo eval:check rbl, and then make meta foo __foo, this is a workaround ask your data provider :)
check_rbl question
I'm using check_rbl with some paid lists for example invaluement. I don't want to put my license key into the rule or it ends up in the spamassassin X-Spam-Report header. On one server, I've configured bind9 with DNAME records to hide the key. But what do others do? Is there some easier way to do this? Michael Grant signature.asc Description: PGP signature