[Mimedefang] SpamAssassin and using a local SpamHaus zone DNS server

Stephen Johnson Stephen.Johnson at arkansas.gov
Wed Mar 28 17:43:56 EDT 2007 

On Wed, 2007-03-28 at 15:30 -0500, Jim McCullars wrote:
> Does anyone here run SpamAssassin and also subscribe to the SpamHaus data
> service, where you download the lists and query a local DNS?  I recently
> signed up for the 30-day free trial and sendmail is doing the query as it
> should, but the default net tests in SA are still querying the
> spamhaus.org public servers.  Did you change SA to query the local DNS for
> the SBL/XBL/PBL tests?  If so, how did you make the change?  Thanks...

Ooo. A situation I can address. We subscribe to SpamHaus. I've got a
local caching DNS server configure on my mail heads that they use. I
added a zone forward for my local DNS zone pointing to my back-end
servers. The backend servers are running rbldnsd with the Spamhaus data,

I redefined the appropriate SA rules to point to my zones. And I
disabled the other RBL check I don't use. Here's the snippet from my
local.cf file. 


-- 
Stephen L Johnson                       stephen.johnson at arkansas.gov
Unix Systems Administrator              sjohnson at monsters.org
Department of Information Systems       Phone: 501-682-4339
State of Arkansas

-------------- next part --------------
# Disable certain dnsbl tests
score   __RCVD_IN_SORBS         0
score   RCVD_IN_SORBS_HTTP      0
score   RCVD_IN_SORBS_SOCKS     0
score   RCVD_IN_SORBS_MISC      0
score   RCVD_IN_SORBS_SMTP      0
score   RCVD_IN_SORBS_WEB       0
score   RCVD_IN_SORBS_BLOCK     0
score   RCVD_IN_SORBS_ZOMBIE    0
score   RCVD_IN_SORBS_DUL       0

# Change the Spamhaus test to use DIS .dnsbl DNS zone
header __RCVD_IN_SBL_XBL        eval:check_rbl('sblxbl', 'sbl-xbl.dnsbl.')
describe __RCVD_IN_SBL_XBL      Received via a relay in Spamhaus SBL+XBL
tflags __RCVD_IN_SBL_XBL        net

# SBL is the Spamhaus Block List: http://www.spamhaus.org/sbl/
header RCVD_IN_SBL              eval:check_rbl_sub('sblxbl', '127.0.0.2')
describe RCVD_IN_SBL            Received via a relay in Spamhaus SBL
tflags RCVD_IN_SBL              net
#reuse RCVD_IN_SBL

# XBL is the Exploits Block List: http://www.spamhaus.org/xbl/
header RCVD_IN_XBL              eval:check_rbl('sblxbl-lastexternal', 'sbl-xbl.dnsbl.', '127.0.0.[456]')
describe RCVD_IN_XBL            Received via a relay in Spamhaus XBL
tflags RCVD_IN_XBL              net
#reuse RCVD_IN_XBL

More information about the MIMEDefang mailing list