On 03/11/2015 10:20 AM, Benny Pedersen wrote:
Kevin Miller skrev den 2015-03-10 23:01:
FWIW, I put on my BOFH hat, and just blocked those name servers at the
filewall. They're based in Germany so it's a pretty safe bet that I'm
not going to see legitimate mail from any of the legitimate domains
hosted by them. That may not be the case for others.
sure, its URLS, not client sender addresses, so if you have bind9 rpz it
works
google bind9 rpz, spamassassin must check that domain is not rpz listed
RPZ zones are domain lists - NOT nameservers lists
if anything using rbldnsd
In rbldnsd setup:
urinsbl.example.net:dnset:black_ns.txt
black_ns.txt
____
# Default response...
:127.0.0.2:black_ns
# 10 min TTL
$TTL 600
ns1.swimmer-size.biz :127.0.0.2:black_ns $ detected: 2015-02-24 17:39:13
____
and create a SA rule like:
urifullnsrhssub YOUR_URI_NS_BL urinsbl.example.net. A 2
body YOUR_URI_NS_BL eval:check_uridnsbl('YOUR_URI_NS_BL')
describe YOUR_URI_NS_BL URL NS domain listed in Your NS BL
tflags YOUR_URI_NS_BL net
score YOUR_URI_NS_BL 1.0