I actually take that back in our local.cf we have
urirhssub URIBL_BLACK multi.uribl.com. A 2
body URIBL_BLACK eval:check_uridnsbl('URIBL_BLACK')
describe URIBL_BLACK Contains an URL listed in the URIBL blacklist
tflags URIBL_BLACK net
score URIBL_BLACK 3.0
urirhssub URIBL_GREY multi.uribl.com. A 4
body URIBL_GREY eval:check_uridnsbl('URIBL_GREY')
describe URIBL_GREY Contains an URL listed in the URIBL greylist
tflags URIBL_GREY net
score URIBL_GREY 0.25
John Hardin wrote:
>
> On Fri, 24 Sep 2010, njjrdell wrote:
>
>> http://pastebin.com/zAvghCQJ
>>
>> Hello sorry for the newbie question, one of our users is getting slammed
>> by these. I'm wondering which rules should be stopping these.
>
> That hits URIBL. Do you have network tests and URIBL lookups enabled?
>
> --
> John Hardin KA7OHZ http://www.impsec.org/~jhardin/
> jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
> key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
> -----------------------------------------------------------------------
> Individual liberties are always "loopholes" to absolute authority.
> -----------------------------------------------------------------------
> 84 days until TRON Legacy
>
>
--
View this message in context:
http://old.nabble.com/What-rules-should-be-stopping-these-tp29801831p29802135.html
Sent from the SpamAssassin - Users mailing list archive at Nabble.com.
