In our infra we use spamassassin to scan our **outgoing** mails too. This
is to prevent spammers using our infra to send mails and get our IP's
blacklisted. We perform various DNSBL tests on the mail body.

One of our IPs got listed in Spamhaus SBL for some reason, so now our
outgoing mails are getting detected as spam if the email body contains our
local domainname whose IP is listed in SBL(hitting URIBL_SBL rule).
We have hundreds of domainnames mapped to an single IP.

Is there a way to exclude local IP from DNSBL checks. For eg: if there is a
local domainname xyz.org present in the mail body, then spamassassin should
not mark it as spam even if A or NS record for xyz.org is listed in SBL.

I tried the following things which did not work.
1. Adding the local IP in "trusted_network" and "internal_network" in
2. Using uridnsbl_skip_domain "<domainname>" directives in local.cf works.
But adding hundreds of local domains doesn't seem like a solution.

Some details:
SpamAssassin Server version 3.4.1
Spamassassin rule which matched:
uridnssub       URIBL_SBL        zen.spamhaus.org.       A
body            URIBL_SBL        eval:check_uridnsbl('URIBL_SBL')
describe        URIBL_SBL        Contains an URL's NS IP listed in the
Spamhaus SBL blocklist
tflags          URIBL_SBL        net
reuse           URIBL_SBL


Reply via email to