I noticed that the dbl.spamhaus.org had been added to the default for the URIBL. So I decided to update it back to default and give that new one a try. When I did that I started sending some test messages through from my gmail account with a list of domains in the message and I turned the logging on to verbose for URIBL to see what it gets. When I did that, I saw it kick me out a false positive on newegg.com of all places. Finding this odd I went and checked on spamhaus.org in their domain lookup tool (http://www.spamhaus.org/lookup.lasso) and it showed that newegg.com is not listed. I am using DNS servers internally in my network, DNS isn't installed locally on the same machine in case you were wondering.
So I reverted back to my old config without the dbl.spamhaus.org in it and everything seems fine, I still get hits properly on the other 2 lists, but I am not sure why this particular list throws up a false positive. Here is a snip of my log from the message in question: Mar-18-10 17:40:47 59246-01086 [URIBL] 74.125.83.46 <mygmailtesta...@gmail.com> to: mylocaltesta...@myemaildomain.com info: URI blackberry.com found in text; Mar-18-10 17:40:47 59246-01086 [URIBL] 74.125.83.46 <mygmailtesta...@gmail.com> to: mylocaltesta...@myemaildomain.com info: URI newegg.com found in text; Mar-18-10 17:40:47 Sending DNS-query to 10.10.10.110 on multi.surbl.org for URIBL checks on newegg.com; Mar-18-10 17:40:47 Sending DNS-query to 10.10.10.110 on black.uribl.com for URIBL checks on newegg.com; Mar-18-10 17:40:47 Sending DNS-query to 10.10.10.110 on dbl.spamhaus.org for URIBL checks on newegg.com; Mar-18-10 17:40:47 Commencing URIBL checks on newegg.com; Mar-18-10 17:40:48 59246-01086 [URIBL] 74.125.83.46 <mygmailtesta...@gmail.com> to: mylocaltesta...@myemaildomain.com [spam found] -- URIBL: fail, newegg.com listed in 1dbl.spamhaus.org<-208.67.216.132; -- [test domains] -> spam/1086.eml; Here is the config portion with the URIBL information in it: ValidateURIBL:=1 URIBLWL:= URIBLNP:= URIBLLocal:= URIBLISP:=1 URIBLServiceProvider:=multi.surbl.org|black.uribl.com URIBLmaxreplies:=3 URIBLmaxhits:=1 URIBLmaxtime:=10 URIBLsocktime:=1 URIBLCCTLDS:=file:files/URIBLCCTLDS.txt URIBLmaxdomains:=10 URIBLwhitelist:=doubleclick.net noURIBL:= AddURIBLHeader:=1 URIBLCacheExp:=24 URIBLLog:=2 URIBLError:=554 5.7.1 Blacklisted by URIBLNAME Contact the postmaster of this domain for resolution. Thanks, Marcus ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
