Non blocking RBL with exim

Kihara Muriithi william.muriithi-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Sat Oct 6 09:06:36 UTC 2007


Hi,

I do agree, and this is why I am trying to avoid using them alone to
decide a fate of a mail. What I am looking at is to use the rbl to
insert a header on suspicious mail. This way, by the time the mail
reaches SpamAssassin, it will be scored higher immediately if it has a
header indicating that the domain of origin is on rbls.

I have somehow figured how to insert the header using exim. I am
planning to use acl_check_rcpt and instead of using the deny verb on
rbl test, I will be using warn and then sticking a header on that
mail. Something similar to this;
warn    message       = X-Warning: $sender_host_address is \
                          in a black list at $dnslist_domain
           log_message   = found in $dnslist_domain
            dnslists      = black.list.example

Now, what I am looking at is to score this email 3 points before any
further processing by spamassassin.

Peter, I do get you, and there is a lot of political debate I have
come across on the net on this topic. rbl have sometime abused their
power, but they also have some information worth using when evaluating
mails legitimacy. Automatically disregarding them in my experience
have ended up allowing spam through the MX servers. What I am
suggesting above is to leverage the rbl advantages without suffering
from these political issues.

I am actually running greylisting in fact. However I think greylisting
cater for a different purpose. May of less fight against ratware which
are not rfc compliant. However over time these ratware have fixed this
problem. When fighting spam from well designed smtp servers, I believe
checking the content and the domain of the origin is the only
information you can leverage. The former is fulfilled by spamassissin
and the later by rbl.

Regards
William



On 06/10/2007, Peter P. <plpeter2006-/E1597aS9LQAvxtiuMwx3w at public.gmane.org> wrote:
> Kihara Muriithi <william.muriithi at ...> writes:
>
> > I wonder if anyone has pointer on a way of using the rbl database to
> > just score the mail, and then allow them through. It would then be
> > possible to let SpamAssassin act on them in a more flexible manner.
> > Any pointer will be highly appreciated.
>
> rbls are evil. Please take a look at graylisting.
>
> Peter P.
>
>
> --
> The Toronto Linux Users Group.      Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list