On 2025-06-11 11:09:39 +0200, Reindl Harald wrote:
>
>
> Am 11.06.25 um 09:47 schrieb Vincent Lefevre:
> > So I still don't understand why there is an issue specific to my
> > machine, i.e. the fact that RCVD_IN_VALIDITY_CERTIFIED, etc. (the
> > strings without _BLOCKED) with a score of 0[*] still trigger a DNS
> > request and associated error in the logs and message headers.
> because you pretty sure have some local config but even if - why don't you
> just disable the queries in local.cf instead writing dozens of emails?
>
> dns_query_restriction deny sa-trusted.bondedsender.org
> dns_query_restriction deny sa-accredit.habeas.com
> dns_query_restriction deny bl.score.senderscore.com
I could. But it would be better to solve the actual issue.
> -------------
>
> [root@mail-gw:~]$ cat /usr/local/bin/workers/sa-score.sh
> #!/usr/bin/bash
>
> UPDATE_DIR="/var/lib/spamassassin/*/updates_spamassassin_org"
>
> echo "/usr/share/spamassassin"
> cat /usr/share/spamassassin/*.cf | grep --text "score" | grep --text -v -P
> '^#' | grep --text --color "$1"
> echo ""
>
> echo "$UPDATE_DIR"
> cat $UPDATE_DIR/*.cf | grep --text "score" | grep --text -v -P '^#' | grep
> --text --color "$1"
> echo ""
>
> echo "/etc/mail/spamassassin/local-*.cf"
> cat /etc/mail/spamassassin/local*.cf | grep --text "score" | grep --text -v
> -P '^#' | grep --text --color "$1"
> [root@mail-gw:~]$
>
> -------------
>
> [root@mail-gw:~]$ sa-score.sh VALIDITY
I get the following:
/usr/share/spamassassin
header RCVD_IN_VALIDITY_RPBL
eval:check_rbl('rnbl-lastexternal','bl.score.senderscore.com.')
describe RCVD_IN_VALIDITY_RPBL Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
score RCVD_IN_VALIDITY_RPBL 0 1.284 0 1.310 # n=0 n=2
score RCVD_IN_VALIDITY_CERTIFIED 0.0 -3.0 0.0 -3.0
score RCVD_IN_VALIDITY_SAFE 0.0 -2.0 0.0 -2.0
/var/lib/spamassassin/*/updates_spamassassin_org
header RCVD_IN_VALIDITY_RPBL
eval:check_rbl('rnbl-lastexternal','bl.score.senderscore.com.')
describe RCVD_IN_VALIDITY_RPBL Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
score RCVD_IN_VALIDITY_RPBL 0 1.284 0 1.310 # n=0 n=2
score RCVD_IN_VALIDITY_CERTIFIED 0.0 -3.0 0.0 -3.0
score RCVD_IN_VALIDITY_SAFE 0.0 -2.0 0.0 -2.0
header RCVD_IN_VALIDITY_RPBL
eval:check_rbl('rnbl-lastexternal','bl.score.senderscore.com.')
describe RCVD_IN_VALIDITY_RPBL Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
score RCVD_IN_VALIDITY_RPBL 0 1.284 0 1.310 # n=0 n=2
score RCVD_IN_VALIDITY_CERTIFIED 0.0 -3.0 0.0 -3.0
score RCVD_IN_VALIDITY_SAFE 0.0 -2.0 0.0 -2.0
header RCVD_IN_VALIDITY_RPBL eval:check_rbl('rnbl-lastexternal',
'bl.score.senderscore.com.', '^127\.0\.0\.')
describe RCVD_IN_VALIDITY_RPBL Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
header RCVD_IN_VALIDITY_RPBL_BLOCKED eval:check_rbl('rnbl-lastexternal',
'bl.score.senderscore.com.', '127.255.255.255')
dns_block_rule RCVD_IN_VALIDITY_RPBL_BLOCKED bl.score.senderscore.com
score RCVD_IN_VALIDITY_RPBL 0 1.284 0 1.310 # n=0 n=2
score RCVD_IN_VALIDITY_RPBL_BLOCKED 0 0.001 0 0.001
score RCVD_IN_VALIDITY_CERTIFIED 0.0 -3.0 0.0 -3.0
score RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0 0.001 0 0.001
score RCVD_IN_VALIDITY_SAFE 0.0 -2.0 0.0 -2.0
score RCVD_IN_VALIDITY_SAFE_BLOCKED 0 0.001 0 0.001
header RCVD_IN_VALIDITY_RPBL eval:check_rbl('rnbl-lastexternal',
'bl.score.senderscore.com.', '^127\.0\.0\.')
describe RCVD_IN_VALIDITY_RPBL Relay in Validity RPBL,
https://senderscore.org/blocklistlookup/
header RCVD_IN_VALIDITY_RPBL_BLOCKED eval:check_rbl('rnbl-lastexternal',
'bl.score.senderscore.com.', '127.255.255.255')
dns_block_rule RCVD_IN_VALIDITY_RPBL_BLOCKED bl.score.senderscore.com
score RCVD_IN_VALIDITY_CERTIFIED 0
score RCVD_IN_VALIDITY_SAFE 0
score RCVD_IN_VALIDITY_RPBL 0
score RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 0.001 0.001 0.001
score RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 0.001 0.001 0.001
score RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 0.001 0.001 0.001
/etc/mail/spamassassin/local-*.cf
--
Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / Pascaline project (LIP, ENS-Lyon)
