On 8/14/2013 11:25 AM, Axb wrote:
On 08/14/2013 05:15 PM, Nigel Smith wrote:
That's the point I'm trying to make here. SA is parsing from parts
it should not be !! The whole Zen or no Zen thing that some
others are going on about is not really relevant. SA should **NOT**
be reading the parts it is !
SA is doing it right - your rules are wrong.
pls try this - watch out for line MUA breaks!!!!!
header __ITS_RCVD_IN_ZEN eval:check_rbl('zen', 'zen.dnsbl.')
describe __ITS_RCVD_IN_ZEN Received via a relay in Spamhaus Zen
tflags __ITS_RCVD_IN_ZEN net
reuse __ITS_RCVD_IN_ZEN
header ITS_RCVD_IN_SBL eval:check_rbl_sub('zen', '127.0.0.2')
describe ITS_RCVD_IN_SBL Received via a relay in Spamhaus SBL
tflags ITS_RCVD_IN_SBL net
reuse ITS_RCVD_IN_SBL
# XBL is the Exploits Block List: http://www.spamhaus.org/xbl/
header ITS_RCVD_IN_XBL eval:check_rbl('zen-lastexternal', 'zen.dnsbl.',
'^127\.0\.0\.[45678]$')
describe ITS_RCVD_IN_XBL Received via a relay in Spamhaus XBL
tflags ITS_RCVD_IN_XBL net
reuse ITS_RCVD_IN_XBL
# PBL is the Policy Block List: http://www.spamhaus.org/pbl/
header ITS_RCVD_IN_PBL eval:check_rbl('zen-lastexternal', 'zen.dnsbl.',
'^127\.0\.0\.1[01]$')
describe ITS_RCVD_IN_PBL Received via a relay in Spamhaus PBL
tflags ITS_RCVD_IN_PBL net
reuse ITS_RCVD_IN_PBL
As I posted previously, the safer way to do it is to tell your recursor
to forward all spamhaus queries to you local rblsnd and NOT to tinker
with SA rules but then...
What I do is have my MTA reject connections based on Zen. This way, SA
doesn't even have to look at those messages. Much simpler and cleaner.
--
Bowie
