Since our services initially was not made for handling spam, we decided to set up our spamassassin-control (examples) with a lower score than normal (at our local servers we are touching the limits of 5 with the score which is a default value for the scanner tools and spamassassin that we are using). Mostly because we cover a lot more hosts than only mailservers and this can actually lead to false positives.
Below, we have added examples on how a set up could look.
This first code block has been inspired by usenix s5h rules which can be seen at http://www.usenix.org.uk/content/rbl.html
header RCVD_IN_TORNEBL eval:check_rbl('tornebl', 'dnsbl.tornevall.org')
describe RCVD_IN_TORNEBL Listed at dnsbl.tornevall.org
tflags RCVD_IN_TORNEBL net
score RCVD_IN_TORNEBL 0 2.0 0 2.0
header RCVD_IN_TORNEFRAUDBL eval:check_rbl('fraudbl', 'bl.fraudbl.org')
describe RCVD_IN_TORNEFRAUDBL Listed at bl.fraudbl.org
tflags RCVD_IN_TORNEFRAUDBL net
score RCVD_IN_TORNEFRAUDBL 0 6.0 0 6.0