In our infra we use spamassassin to scan our **outgoing** mails too. This
is to prevent spammers using our infra to send mails and get our IP's
blacklisted. We perform various DNSBL tests on the mail body.
One of our IPs got listed in Spamhaus SBL for some reason, so now our
outgoing mails are getting detected as spam if the email body contains our
local domainname whose IP is listed in SBL(hitting URIBL_SBL rule).
We have hundreds of domainnames mapped to an single IP.
Is there a way to exclude local IP from DNSBL checks. For eg: if there is a
local domainname xyz.org present in the mail body, then spamassassin should
not mark it as spam even if A or NS record for xyz.org is listed in SBL.
I tried the following things which did not work.
1. Adding the local IP in "trusted_network" and "internal_network" in
2. Using uridnsbl_skip_domain "<domainname>" directives in local.cf works.
But adding hundreds of local domains doesn't seem like a solution.
SpamAssassin Server version 3.4.1
Spamassassin rule which matched:
uridnssub URIBL_SBL zen.spamhaus.org. A 127.0.0.2
body URIBL_SBL eval:check_uridnsbl('URIBL_SBL')
describe URIBL_SBL Contains an URL's NS IP listed in the
Spamhaus SBL blocklist
tflags URIBL_SBL net