DNSBL for Spamfilters

Since our services initially was not made for handling spam, we decided to set up our spamassassin-control (examples) with a lower score than normal (at our local servers we are touching the limits of 5 with the score which is a default value for the scanner tools and spamassassin that we are using). Mostly because we cover a lot more hosts than only mailservers and this can actually lead to false positives.

Below, we have added examples on how a set up could look.


This first code block has been inspired by usenix s5h rules which can be seen at http://www.usenix.org.uk/content/rbl.html

header          RCVD_IN_TORNEBL   eval:check_rbl('tornebl', 'dnsbl.tornevall.org')
describe        RCVD_IN_TORNEBL   Listed at dnsbl.tornevall.org
tflags          RCVD_IN_TORNEBL   net
score           RCVD_IN_TORNEBL   0 2.0 0 2.0


header          RCVD_IN_TORNEFRAUDBL   eval:check_rbl('fraudbl', 'bl.fraudbl.org')
describe        RCVD_IN_TORNEFRAUDBL   Listed at bl.fraudbl.org
tflags          RCVD_IN_TORNEFRAUDBL   net
score           RCVD_IN_TORNEFRAUDBL   0 6.0 0 6.0