Last week at the 41st M3AAWG meeting in Toronto there was considerable interest in domain-based whitelisting information when I presented the dnswl.org project. Obviously, this needs to be authenticated, and that’s what we have DKIM for.
We created an experimental list dwl.dnswl.org (subject to change without prior notice yaddayadda, with minimal infrastructure etc - don’t use it in production yet!), which works like a regular domain- or hostname-based blacklist would. More details are here https://www.dnswl.org/?p=311, but in a nutshell that’s how it could be implemented in SpamAssassin (put it in your local.cf or in some similarly convenient place):

    ifplugin Mail::SpamAssassin::Plugin::AskDNS

      askdns   DNSWL_DWL_HI _DKIMDOMAIN_.dwl.dnswl.org A /^127\.\d+\.\d+\.3/
      tflags   DNSWL_DWL_HI nice net
      describe DNSWL_DWL_HI dwl.dnswl.org high trust
      score    DNSWL_DWL_HI -5

      askdns   DNSWL_DWL_MED _DKIMDOMAIN_.dwl.dnswl.org A /^127\.\d+\.\d+\.2/
      tflags   DNSWL_DWL_MED nice net
      describe DNSWL_DWL_MED dwl.dnswl.org medium trust
      score    DNSWL_DWL_MED -2

      askdns   DNSWL_DWL_LOW _DKIMDOMAIN_.dwl.dnswl.org A /^127\.\d+\.\d+\.1/
      tflags   DNSWL_DWL_LOW nice net
      describe DNSWL_DWL_LOW dwl.dnswl.org low trust
      score    DNSWL_DWL_LOW -1

      askdns   DNSWL_DWL_NONE _DKIMDOMAIN_.dwl.dnswl.org A /^127\.\d+\.\d+\.0/
      tflags   DNSWL_DWL_NONE nice net
      describe DNSWL_DWL_NONE dwl.dnswl.org listed, but no particular trust information available
      score    DNSWL_DWL_NONE -0.1

    endif # Mail::SpamAssassin::Plugin::AskDNS

Note that this only works on DKIM-signed domains (DKIM_VALID).

Any inputs or thoughts are highly appreciated.

— Matthias, for the dnswl.org project
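The lookup those rules perform, sketched outside SpamAssassin as an added example (not part of the original post or the dnswl.org project's code). It assumes the caller has already verified the DKIM signatures and passes in a resolver function; the function names and sample answers are constructed, and the last octet is matched exactly, which is slightly stricter than the unanchored patterns in the rules.

```python
import ipaddress
import re

DWL_ZONE = "dwl.dnswl.org"  # experimental zone named in the post
# Last octet -> (rule name, score), copied from the askdns rules in the post.
TRUST = {0: ("DNSWL_DWL_NONE", -0.1), 1: ("DNSWL_DWL_LOW", -1.0),
         2: ("DNSWL_DWL_MED", -2.0), 3: ("DNSWL_DWL_HI", -5.0)}
LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def query_name(dkim_domain):
    """Build the lookup name; reject anything that is not a plain hostname."""
    d = dkim_domain.strip().rstrip(".").lower()
    labels = d.split(".")
    if len(labels) < 2 or not all(LABEL.fullmatch(l) for l in labels):
        raise ValueError("not a usable DKIM d= domain: %r" % dkim_domain)
    return "%s.%s" % (d, DWL_ZONE)

def classify(answers):
    """Map A-record strings to (rule, score); None if no list answer is present."""
    best = None
    for a in answers:
        try:
            ip = ipaddress.IPv4Address(a)
        except ValueError:
            continue  # not an IPv4 address at all
        first, last = ip.packed[0], ip.packed[3]
        if first != 127 or last not in TRUST:
            continue  # outside 127/8 or unknown code: not a whitelist answer
        # Assumption: with several answers, the highest trust level wins.
        best = last if best is None else max(best, last)
    return TRUST[best] if best is not None else None

def dwl_score(valid_dkim_domains, resolve):
    """Look up only domains whose DKIM signature verified (DKIM_VALID).

    resolve(name) returns a list of A-record strings, [] for NXDOMAIN. It is
    injected so the caller picks the resolver and the example runs offline.
    """
    hits = {}
    for dom in valid_dkim_domains:
        result = classify(resolve(query_name(dom)))
        if result:
            hits[dom] = result
    return hits

# Constructed sample data standing in for DNS answers (not real listings).
SAMPLE_ZONE = {"example.com.dwl.dnswl.org": ["127.0.5.3"],
               "example.net.dwl.dnswl.org": ["127.0.0.30"],
               "example.org.dwl.dnswl.org": ["192.0.2.1"]}
def sample_resolve(name):
    return SAMPLE_ZONE.get(name, [])
```
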