On 10/17/2013 04:01 PM, Neil Schwartzman wrote:
On Oct 17, 2013, at 6:49 AM, Tom Hendrikx <t...@whyscream.net> wrote:
Basicly the description "Contains an URL listed in the SBL
blocklist [URIs: example.com]" is false,
incorrect, not false, which implies maliciousness. I believe Spamhaus
only recently, for some value of recently, started doing NS listings
with deeper dives that show up on an SBL listing.
not recently... rules has been there & active for many years.
not a NS listing either, it's a NS' IP which is listed.
As SBL is about IPs it shouldn't be hard.. but then
We'll look at changing this in compliance to the age of 160chars ;)
We also have
if (version >= 3.004000)
ifplugin Mail::SpamAssassin::Plugin::URIDNSBL
uridnsbl URIBL_SBL_A sbl.spamhaus.org. A
body URIBL_SBL_A eval:check_uridnsbl('URIBL_SBL_A')
describe URIBL_SBL_A Contains URL's A record listed in
the SBL blocklist
tflags URIBL_SBL_A net a
endif
endif
which states it clearly
I personally feel it is a good thing, since the result is a positive
one, but yes, the annotation in SA should be adjusted to indicate
this aspect of the DNSBLs listings.
On Oct 17, 2013, at 5:00 AM, Tom Hendrikx <t...@whyscream.net> wrote:
We had this too for one of our customers. Your problem is that one
of the nameservers of the domain is listed:
http://www.spamhaus.org/query/ip/151.1.141.150
I'm not really sure whether it's a feature or a bug that the
rule/plugin goes that deep while searching for possible wrongdoing
ip addresses...
