Since our services initially was not made for handling spam, we decided to set up our spamassassin-control with a lower score than normal. Mostly because we cover a lot more hosts than only mailservers and this can actually lead to false positives.
Below, we have added examples on how a set up could look.
This first code block has been expired by usenix s5h rules which can be seen at http://www.usenix.org.uk/content/rbl.html
SpamAssassin
header RCVD_IN_TORNEBL eval:check_rbl('tornebl', 'dnsbl.tornevall.org')
describe RCVD_IN_TORNEBL Listed at dnsbl.tornevall.org
tflags RCVD_IN_TORNEBL net
score RCVD_IN_TORNEBL 0 3.0 0 3.0
FraudBL
FraudBL
header RCVD_IN_TORNEFRAUDBL eval:check_rbl('fraudbl', 'bl.fraudbl.org')
describe RCVD_IN_TORNEFRAUDBL Listed at bl.fraudbl.org
tflags RCVD_IN_TORNEFRAUDBL net
score RCVD_IN_TORNEFRAUDBL 0 6.0 0 6.0