>As I posted previously, the safer way to do it is to tell your recursor
>to forward all spamhaus queries to you local rblsnd and NOT to tinker
>with SA rules but then...
My local recursor does forward to rbldnsd, as per their instructions...
zone "dnsbl" {
type forward;
forward only;
forwarders {
XXXXXXX port 10099;
};
};
Just checked the documentation Spamhaus provide..... they suggest the following
in the local.cf...... which is very similar to what I've been doing, is it not
? (admittedly the below was not in the documentation a the time, so my
local.cf additions were home-brew).
header __RCVD_IN_ZEN eval:check_rbl('zen','zen.dnsbl.') header RCVD_IN_XBL
eval:check_rbl('zen-lastexternal', 'zen.dnsbl.','127.0.0.[45678]') header
RCVD_IN_PBL eval:check_rbl('zen-lastexternal', 'zen.dnsbl.', '127.0.0.1[01]')
uridnssub URIBL_SBL zen.dnsbl. A 127.0.0.2 urirhssub URIBL_DBL_SPAM
dbl.dnsbl. A 127.0.1.2 urirhssub URIBL_DBL_REDIR dbl.dnsbl. A 127.0.1.3
urirhssub URIBL_DBL_ERROR dbl.dnsbl. A 127.0.1.255
