Hi Tom,
Getting a filter to do this would be great. I had a similar discussion on
Mastodon the other day and there is an RBL which can be download and used with
spamd.
It already helps a lot on our setup.
I am using the following script to collect the RBLs and to make them usable for
spamd.
### fetch script ###
#!/bin/sh
openrsync rsync-mirrors.uceprotect.net::RBLDNSD-ALL/dnsbl-1.uceprotect.net
/tmp/ > /dev/null 2>&1
openrsync rsync-mirrors.uceprotect.net::RBLDNSD-ALL/dnsbl-2.uceprotect.net
/tmp/ > /dev/null 2>&1
openrsync rsync-mirrors.uceprotect.net::RBLDNSD-ALL/ips.whitelisted.org /tmp/ >
/dev/null 2>&1
openrsync psbl-mirror.surriel.com::psbl/psbl.txt /etc/mail/ > /dev/null 2>&1
# strip out all non IP lines
sed -i '/^#/d;/^\$/d;/^!/d;/^:/d;/Test Record/d' /tmp/dnsbl-1.uceprotect.net
sed -i '/^#/d;/^\$/d;/^!/d;/^:/d;/Test Record/d' /tmp/dnsbl-2.uceprotect.net
sed -i '/^#/d;/^\$/d;/^!/d;/^:/d;/Test Record/d' /tmp/ips.whitelisted.org
# cp dnsbl1
cp /tmp/dnsbl-1.uceprotect.net /etc/mail
# copy only IPs to the destination
awk '{print $1}' /tmp/dnsbl-2.uceprotect.net > /etc/mail/dnsbl-2.uceprotect.net
cp /tmp/ips.whitelisted.org /etc/mail
###
The reason for /dev/null is openrsync doesn't have a quiet mode (yet). :)
### spamd.conf ###
all:\
:nixspam:bsdly:dnsbl-1:dnsbl-2:psbl::dnsbl-white:localwhite:localblack:
dnsbl-1:\
:black:\
:msg="Your address %A is listed on UCEPROTECT-Level 1\n\
See http://www.uceprotect.net/en":\
:method=file:\
:file=/etc/mail/dnsbl-1.uceprotect.net
dnsbl-2:\
:black:\
:msg="Your address %A is listed on UCEPROTECT-Level 2\n\
See http://www.uceprotect.net/en":\
:method=file:\
:file=/etc/mail/dnsbl-2.uceprotect.net
psbl:\
:black:\
:msg="Your address %A is listed on PSBL\n\
See https://psbl.org/":\
:method=file:\
:file=/etc/mail/psbl.txt
dnsbl-white:\
:white:\
:method=file:\
:file=/etc/mail/ips.whitelisted.org
###
Hope this helps.
Mischa
> On 20 Jun 2019, at 00:40, Thomas Smith wrote:
>
> Hi,
>
> I’ve been using a combination of OpenSMTPd and spamd on OpenBSD (currently at
> 6.5) for some time and with success. However, there are still some
> false-negatives and I’m looking at ways of reducing those. One way is by
> making use of RBLs.
>
> (I’ve evaluated delivered spam and the majority of it seems to be coming from
> IPs that are on various blacklists but aren’t being caught by greylisting.)
>
> spamd doesn’t support RBLs, at least that I’ve found, it can only use lists
> that can be downloaded locally—the particular service I’m wanting to use only
> provides DNS-based RBLs. So that’s my problem…
>
> I’m looking for ways of including an RBL in either spamd or OpenSMTPd,
> preferring to stay in OpenBSD base as much as possible. (In other words, I’d
> prefer to not rip out spamd or replace or supplement it with SpamAssassin or
> rspamd—I’d rather find a solution that will plugin _specifically_ for RBLs
> without all of the other bloat that SpamAssassin and similar products bring.
>
> Can anyone offer some input on this please?
>
> I’m not opposed to writing an OpenSMTPd filter, though I’d need to locate
> some documentation for that (I’ve looked but haven’t been able to find it, so
> I’m probably looking in the wrong places—suggestions welcomed).
>
> ~ Tom
>
> --
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
>
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
