natan skrev den 2024-03-14 16:04:
in 00_init_dns.cf:
# dns_query_restriction (allow|deny) domain1 domain2 .
dns_query_restriction allow dq.spamhaus.net
dns_query_restriction deny zen.spamhaus.net
...
In: /var/lib/spamassassin/3.004006/updates_spamassassin_org/
do not edit or add any new files in this dir, it will wanish when you
make rule updates with sa-update
create 00__abuse_dns.cf
and add only:
dns_query_restriction allow dq.spamhaus.net
dns_query_restriction deny zen.spamhaus.net
?
in gentoo i have
# /etc/mail/spamassassin
where you should add 00_abuse_dns.cf
note its just readonly data
and restart SA+amavis ?
beacuse I dont udderstand "hostname foo.zen.dq.spamhaus.net and
foo.zen.spamhaus.net"
does not matter :)
grep -r spamhaus.net
/var/lib/spamassassin/3.004006/updates_spamassassin_org/
gives a list of zone-hostnames to add to deny list above
if your dns server is bind
rndc querylog
rndc status
if last says query logging is on
then grep logs for spamhaus in your named logs
when all is well do
rndc querylog
else your logs will be filled
create this file, its important its named 00_something since it must
be readed first when spamd starts or amavisd or any other that uses
spamassaassin core
if still see blocked, use more deny
if just LinkedIn adminds did that knowledge :)
--
