How would I go about determining WHICH RBLS are being used currently (I know they are "on").
Look through 20_dnsbl_tests.cf, then check to make sure the RBL in question has a non-zero score in 50_scores.cf.. grep is your friend.
And how would I go about adding/extracting an RBL from the SpamAssassin checks?
Disabling a RBL is easy.. set the score of the rule to 0 in your local.cf and it will never be evaluated.
so for example you can disable SORBS with:
score RCVD_IN_SORBS 0
Adding one is a bit tougher, you need to create a check_rbl or check_rbl_txt... to do this you'll need to understand a little bit about how the specific RBL works.. at least what kind of query it takes (ie: is it IP based or name based)
Normal IP based ones can just be implemented with a simple check_rbl rule.. Assuming an example "new blacklist" which is standard reverse-ip lookup type at x.x.x.x.newbl.newblacklist.org, you'd do something like this:
header RVCD_IN_NEWBL eval:check_rbl ('new', 'newbl.newblacklist.org')
score RCVD_IN_NEWBL 1.0
describe RCVD_IN_NEWBL Received via relayNote that the first parameter can be more-or-less anything but needs to be unique between different blacklists.. It's used to create storage of the results so you can do sub-queries of different bits in the result (look at the NJABL rules as an example). If the first parameter ends in -notfirsthop SA will attempt to skip the first IP in the headers (used for dialup BLs).
This rule will cause SA to DNS query "2.1.168.192.newbl.newblacklist.org" for the IP address 192.168.1.2.
Be sure to add your custom rules to /etc/mail/spamassassin/<something>.cf... do not create new rules in /usr/share/spamassassin as the whole directory gets obliterated when you upgrade.
------------------------------------------------------- This SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, MySQL, WebDAV, and more! http://www.apachecon.com/ _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
