On 12/19/2014 12:28 PM, Dharma Monie wrote:
Good question there.
The rule is shipped with SA by default,
regarding if it’s enabled by default - checking against that exact uribl - I’m
affraid I can’t provide you with
a satisfying answer there, as I was not the initial admin configuring “this”
file.
what .cf file is that in?
atm, it's *NOT* in the default SA rules.
Other than that, this check have been a good friend in my battle against spam,
and I’m troubled by the question if it is something within my system that made
this start scoring False Positives or if the rbl has been compromised - which I
really just
can’t see happening.
But neither have any change been done to my system.
Any thought on this is most welcome.
SBL-XBL lists sender IPs. Combined generic spam and exploited hosts.
It's a *VERY" bad choice to use for URI lookups.
Can you provide a few domains which hit that lookup?
// Dharma Monie<mailto:dha...@dharmacode.se>
On 19 Dec 2014, at 12:01, Axb <axb.li...@gmail.com<mailto:axb.li...@gmail.com>>
wrote:
On 12/19/2014 11:55 AM, Dharma Monie wrote:
Anyone experinced SA rule URIBL (spammhaus/local.cf) score false positive?
—>
uridnsbl URIBL_SBLXBL
sbl-xbl.spamhaus.org<http://sbl-xbl.spamhaus.org><http://sbl-xbl.spamhaus.org>.
TXT
body URIBL_SBLXBL eval:check_uridnsbl('URIBL_SBLXBL’)
<—
All of a sudden, it scores 40-50% false positive, latest 2-3 days. All summin'
up to now - users missing a whole lot of mail.
That's really all I can say.
I've Never seen/experienced this problem before?
I'm also having a problem thinking that it is SH URIBL that’s having problem..?
Any thought/correction/tip/world-peace are welcome!
//Love Dharma
Where does that rule come from?
I don't see it in the SA default ruleset.
