Hi all, Recently another sysadmin friend and I were toying with various (conflicting and quite old) suggestions from the Google about how to disable all the RBLs/URIBLs that are included in spamassassin that require payment. Most of the things we saw involved setting the score of various spamhaus tests to "0", and as best I can tell that doesn't work (I still see queries going out even if i don't see the warning in the score summary of the scanned emails).
For example, we had something similar to this: # remove spamhaus tests, they want $thousands # need to include the first base rule or DNS still triggers but is ignored ## commented out for trial score __RCVD_IN_ZEN 0 score RCVD_IN_SBL 0 score RCVD_IN_XBL 0 score RCVD_IN_PBL 0 score URIBL_SBL 0 score URIBL_CSS 0 score URIBL_SBL_A 0 score URIBL_CSS_A 0 score URIBL_DBL_SPAM 0 score URIBL_DBL_PHISH 0 score URIBL_DBL_MALWARE 0 score URIBL_DBL_BOTNETCC 0 score URIBL_DBL_ABUSE_SPAM 0 score URIBL_DBL_ABUSE_REDIR 0 score URIBL_DBL_ABUSE_PHISH 0 score URIBL_DBL_ABUSE_MALW 0 score URIBL_DBL_ABUSE_BOTCC 0 Another variation is this: dns_query_restriction deny spamhaus.org We were both working with really dated versions though, so maybe things changed somewhere along the way. So two hopefully very simple questions: 1 - I could have sworn there was discussion on here that resulted in the default being to NOT query any lists that are not free or any lists that require an account. Did I dream that? And if so, I highly suggest you look at what Spamhaus is charging these days and reconsider. And also at that 1 second TTL they use that sort of... inflates the number of queries generated. For a small ISP where email is just like a free add-on for other services or legacy customers, it was just close to being the same we'd pay to simply outsource all email. And it's not a full spam filtering service, just an RBL. 2 - In 4.x what is the proper method to disable spamhaus (and anything else lurking in there I'm not aware of that will start popping messages about query limits)? And where is that documented? Thanks, Charles -- Charles Sprickman NetEng/SysAdmin Bway.net - New York's Best Internet www.bway.net [email protected] - 212.982.9800
