URIDNSBL: how to query certain lists only?

Fri, 04 Jan 2013 02:48:56 -0800 

Hello list,

I'm a relatively new user of Spamassassin.
My setup is a postfix + amavisd-new + spamassassin stack, with amavisd-new 
acting as before-queue filter. My use case is filtering submissions by 
untrusted users (customers of the company I work for); sasl authentication is 
mandatory.
I'm trying to set URIDNSBL rules in such a way that only certain dns lists are 
queried (Spamhaus DBL and SURBL; we have a datafeed subscription with them).
What I did was to look at 
/var/lib/spamassassin/3.003002/updates_spamassassin_org/25_uribl.cf and set my 
local.cf as follows:

[...]
score URIBL_SBL 0
score URIBL_SBL_A 0
score URIBL_DBL_SPAM 0
score URIBL_DBL_REDIR 0
score URIBL_DBL_ERROR 0
score URIBL_SC_SURBL 0
score URIBL_WS_SURBL 0
score URIBL_PH_SURBL 0
score URIBL_AB_SURBL 0
score URIBL_JP_SURBL 0
score URIBL_BLACK 0
score URIBL_GREY 0
score URIBL_RED 0
score URIBL_BLOCKED 0

urirhsbl        URIBL_SURBL     multi.surbl.org.        A
body            URIBL_SURBL     eval:check_uridnsbl('URIBL_SURBL')
describe        URIBL_SURBL     Contains an URL listed in the SURBL blocklist
tflags          URIBL_SURBL     net
reuse           URIBL_SURBL
score           URIBL_SURBL     3

urirhsbl        URIBL_DBL_SPAM  dbl.spamhaus.org.       A
body            URIBL_DBL_SPAM  eval:check_uridnsbl('URIBL_DBL_SPAM')
describe        URIBL_DBL_SPAM  Contains an URL listed in the DBL blocklist
tflags          URIBL_DBL_SPAM  net domains_only
score           URIBL_DBL_SPAM  3
[...]

I *intentionally* want to check aggregate lists instead of single ones and 
reassign scores.

Everything works ok, except for the fact that queries are performed to 
dob.sibl.support-intelligence.net as well. The matching rule is obviously 
URIBL_RHS_DOB in 72_active.cf, and adding "score URIBL_RHS_DOB 0" to local.cf 
solved the issue.

So my problem is: if I understand correctly the process of 72_active.cf rule 
generation, new URIBL_* rules could end up appearing in 72_active.cf at any 
time through sa-update.
How can I configure Spamassassin to permanently use just the URIBL_* rules I 
want? Do I have to check from time to time 72_ac   tive.cf and see if something 
has been added? That would be quite painful!

Thanks a lot for your support!

Fabio

Reply via email to