SURBL: Difference between revisions
(Created page with "SURBLs (SURBL - Spam URI Realtime Blocklists) differ from most other RBLs in that they're used to detect spam based on message body URIs (usually web sites). Unlike most other RBLs, SURBLs are not used to identify spam senders. Instead they allow you to identify messages that have spam hosts which are mentioned in message bodies. Here's how to get emails checked against [http://www.surbl.org SURBL] via SpamAssassin with QMailToaster. REQUIRES: current spamassa...") |
No edit summary |
||
Line 1: | Line 1: | ||
[[Configuration#SURBL|Back]]<br> | |||
SURBLs (SURBL - Spam URI Realtime Blocklists) differ from most other [[RBLs]] in that they're used to detect spam based on message body URIs (usually web sites). Unlike most other RBLs, SURBLs are not used to identify spam senders. Instead they allow you to identify messages that have spam hosts which are mentioned in message bodies. | SURBLs (SURBL - Spam URI Realtime Blocklists) differ from most other [[RBLs]] in that they're used to detect spam based on message body URIs (usually web sites). Unlike most other RBLs, SURBLs are not used to identify spam senders. Instead they allow you to identify messages that have spam hosts which are mentioned in message bodies. | ||
Latest revision as of 09:13, 19 October 2024
Back
SURBLs (SURBL - Spam URI Realtime Blocklists) differ from most other RBLs in that they're used to detect spam based on message body URIs (usually web sites). Unlike most other RBLs, SURBLs are not used to identify spam senders. Instead they allow you to identify messages that have spam hosts which are mentioned in message bodies.
Here's how to get emails checked against SURBL via SpamAssassin with QMailToaster.
REQUIRES: current spamassassin-toaster and a caching DNS to be working, and perl modules Mail::SpamAssassin::Plugin::URIDNSBL and Net::DNS::Resolver
As an admin, do yourself a favor and subscribe to a spamassassin list. This will help you keep up with developments in the battle against spam. Subscribe to at least to the digest version. Visit: http://wiki.apache.org/spamassassin/MailingLists
1) Edit /var/qmail/supervise/spamd/run to be:
exec /usr/bin/spamd -x -u vpopmail -s stderr 2>&1
(remove the -L switch, which forces only local rules to be used)
2) As root
# cd /etc/mail/spamassassin # echo 'loadplugin Mail::SpamAssassin::Plugin::URIDNSBL' > local.pre
Note: 1) spamassassin reads all pre files in this directory on startup
2) by creating a local.pre, you prevent a future upgrade of SA from rpmsave'ing (and thus disabling) your customizations without you realizing it. some plugins that people frequently add---razor, pyzor, fuzzyocr (and so on)---are also affected, unless you do it in a local.pre or otherwise named your-name-choice.pre file
3) Test by running
# sudo -u vpopmail -H spamassassin -D --lint
Note, it is ok to get:
dbg: diag: module not installed: Net::Ident ('require' failed) dbg: diag: module not installed: IO::Socket::INET6 ('require' failed) dbg: diag: module not installed: Razor2::Client::Agent ('require' failed)
No other errors? You are good to go.
If the test fails with Net::DNS::Resolver is not installed, install it by doing:
# yum install perl-Net-DNS.i386
Do the same for any other uninstalled modules, then repeat test above and fix until there are no warnings.
4) Restart the spamd daemon. You might want to use Jake's spamd script to do this. Otherwise, simply:
# qmailctl stop # qmailctl start
5) Send yourself an email from outside your domain with http://surbl-org-permanent-test-point.com in the body to make sure the rule is operating properly. It should be tagged as spam big time.
Rules and scoring are stored at /usr/share/spamassassin/. 25_uribl.cf contains the SURBL rules, and 50_scores.cf contains scores for all rules.
Sit back and watch those spam scores rise and get rejected. :)