On Thu, 2014-06-05 at 16:35 -0700, a pseudonymous Nabble user wrote: > Below is one example of an emails I'm getting. I substituted my domain for > "domain.com" in this example. > Can someone explain, why I have both URIBL_DBL_SPAM /and/ URIBL_BLOCKED in > the same message?
Despite the URIBL prefix, they are NOT part of the same DNSBL. That prefix generally refers to DNSBLs listing URIs. Stock SA rules include three URI blocklist provider (with multiple lists each): SpamHaus, SURBL and URIBL. The URIBL_DBL_* rule is the SpamHaus DBL blocklist. With a single exception, all plain URIBL_* rules are uribl.com. In practical terms, one DNSBL considers the volume of queries abusive. Others don't (yet), or may simply return no hits at all. > * 2.5 URIBL_DBL_SPAM Contains an URL listed in the DBL blocklist > * [URIs: wnqmxubt.eu] > * 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was > blocked. > * See > http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block > * for more information. > * [URIs: wnqmxubt.eu] Did you follow that link we provided you with? That *_BLOCKED rule exists for a reason. For the single reason to inform you about the situation, to help you fix your issue and by that way improve your SA results. The problem is, you are using your ISP's DNS server, just like a million other SA installations. Run your own local, caching, resolving (non-forwarding) DNS. -- char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4"; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1: (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
