I have some questions about defining my own rules. I'm creating rules for DNSBLs that aren't listed in 20_dnsbl_tests.cf. For the record I'm compiling and installing 2.60 from CVS nightly and I'm calling SA from MIMEDefang.
First off, can someone give me a quick explanation of the various rbleval options? I can't seem to find any docs on them. check_rbl and check_rbl_sub seem to be fairly self-explanitory, unless there are things to watch out for when using them. Actually, since I'm mentioning them, how does declaring one rule to be a sub affect the results? check_rbl_txt to me implies that it check for a given string in the TXT records return with a lookup. I'm not certain about this though because if that's how it works then the RCVD_IN_DSBL check isn't going to work. The TXT records in list.dsbl.org contain a URL for someone to lookup more information about that listing on their site. It doesn't contain "list.dsbl.org." I'm adding a rule for the multihop.dsbl.org zone and noticed this discrepency. I noticed that RCVD_IN_NJABL_DIALUP had 3 arguements in parenthesis. What's the extra one for? Is there docs on that as well? The first appears to be a generic name for the zone. The last looks to be the response code or sometimes the DNS zone. RCVD_IN_NJABL_DIALUP seems to have both the response code and the DNS zone. I'm having trouble trying to figure out how best to fix the RCVD_IN_OSIRU checks. I call each and every subdomain of relays.osirusoft.com in Sendmail to gather stats for each of the various lists the ORSS incorporates. That's 8 calls total at present. I'm trying to figure out how to do the same from SA. Since I can't rely on the response code to tell me which zone the listing is actually in, can I use check_rbl_txt to check for the existence of "spamsources," "spews," or "dialups" in the TXT record? I see that all 3 use 127.0.0.4 at some point. When I define a score do I need to provide all 4 scores like other tests have? (local, net, with bayes, with bayes+net) I'm not trying to determine the best score for these lists. I'm just planning on giving .5 or 1 to the various lists I'm adding. Ie, I'm not planning on this rule being the only determining factor in deciding if something is spam or not. I just want to add a little to the score. It appears that SA checks all the Received lines in a message against the various DNSBLs. I'm planning on continuing to block mail from open relays/proxies/SOCKS/formmail.cgi boxes from within Sendmail itself. Would it be worth the extra queries to recall those DNSBLs from SA as well to check *all* the Received lines for spam bounced through multiple relays/proxies? Do the dialup checks only check the most recent Received line? It makes since but I can't find any place that specifically states that or a config option that implies that. You wouldn't want to check all the Received lines against the dialup lists, obviously, so assuming this makes sense to me. If I enable the DUL check (we pay for it) and add other various dialup checks, would this be a problem? Many thanks Justin ------------------------------------------------------- This SF.net email is sponsored by: ObjectStore. If flattening out C++ or Java code to make your application fit in a relational database is painful, don't do it! Check out ObjectStore. Now part of Progress Software. http://www.objectstore.net/sourceforge _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
