All DNSBL results are cached for the period defined in RBLCacheExp. DNSBL/RBL is skipped for:
- acceptAll Mail - outgoing mail - contentOnly - noprocessing (IP and adresses) (by size is ignored) - RWL trusted - whitelisted if RBLWL is not set - noRBL - IP in white PenalyBox - RBL spam lovers - all spam lovers check DKIMWLAddresses and DKIMNPAddresses There is a hidden config parameter to control the DKIM pass action. $DKIMpassAction = 7; # (0..7) if DKIM pass: bit-0 = set rwlok to 1 (medium trust status), bit-1 = skip penaltybox-check, bit-2 = set IP-score to zero - default is 7 (all bits set) To change this - edit the assp.pl (line 442 in build 19007) or - better set (add the line) $main::DKIMpassAction = 0; # to 0....7 - what ever you want in 'sub set' of lib/CorrectASSPcfg.pm Thomas Von: "Phil Quesinberry" <pques...@qsystemsengineering.com> An: "'For Users of ASSP'" <assp-user@lists.sourceforge.net> Datum: 04.06.2019 18:43 Betreff: [Assp-user] RBL checks not always being done My messages don’t seem to be making it to the list so I’m trying again after refreshing my list settings. My apologies if this is a duplicate. We’re noticing some emails which are pretty obviously spam and are listed on DNSBLs like Spamhaus Zen but are making it through anyway. Looking at the log, RBL checks are not being done on these emails. We’re using a local caching recursive DNS resolver (unbound) and it’s working fine, but what seems to be happening is the messages pass some sort of check like DKIM or SPF, and then they seem to get the all clear without doing the RBL checks. If they fail the DKIM check or there’s something else that scores against them, then DNSBL/URIBL checks are done. So it seems that all a spammer really has to do is properly sign their spam emails coming from wespamyou.com and the Jedi mind trick is complete. “There’s no spam to see here, move along.” I’m not seeing any settings relevant to this that would seem to change this behavior, is there something I’m missing? Also, on a semi-related note, is there a setting that allows you to cache DNSBL misses like URIBLCacheIntervalMiss does for URIBLs, or does that setting also apply to DNSBLs as well? Being able to cache misses for just 5 or 10 minutes could significantly reduce query traffic for sites with lots of mail traffic without a huge or lasting impact on accuracy. Thanks! Phil Quesinberry Q Systems Engineering, Inc. Embedded Systems, Telecom, IT (410) 969-8002 Ext.102 http://www.qsystemsengineering.com Virus-free. www.avast.com _______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user DISCLAIMER: ******************************************************* This email and any files transmitted with it may be confidential, legally privileged and protected in law and are intended solely for the use of the individual to whom it is addressed. This email was multiple times scanned for viruses. There should be no known virus in this email! *******************************************************
_______________________________________________ Assp-user mailing list Assp-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-user
