dnsbl: xml/dnsbl.in comparison

comparison xml/dnsbl.in @ 171:8deb51871b3d

fix pre/post scripts in rpm spec file

author	carl
date	Thu, 30 Aug 2007 14:40:03 -0700
parents	bd33eaccfed8
children	d3189495ec68

comparison

equal deleted inserted replaced

-:bd33eaccfed8
+:8deb51871b3d
 context main-default {
 // outbound dnsbl filtering to catch our own customers that end up on the sbl
 dnsbl   localp  partial.blackholes.five-ten-sg.com  "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s";
 dnsbl   local   blackholes.five-ten-sg.com  "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s";
 dnsbl   sbl     sbl-xbl.spamhaus.org        "Mail from %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s";
-dnsbl   dul     dul.dnsbl.sorbs.net         "Mail from %s rejected - dul; see http://www.sorbs.net/lookup.shtml?%s";
+dnsbl_list  local sbl;
-dnsbl_list  local sbl dul;
 // outbound content filtering to prevent our own customers from sending spam
 content on {
 filter    sbl-xbl.spamhaus.org        "Mail containing %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s";
 uribl     multi.surbl.org             "Mail containing %s rejected - surbl; see http://www.rulesemporium.com/cgi-bin/uribl.cgi?bl0=1&domain0=%s";
 html_tags { include "html-tags.conf"; };
 html_limit on 20 "Mail containing excessive bad html tags rejected";
 html_limit off;
 host_limit on 20 "Mail containing excessive host names rejected";
 host_limit soft 20;
+spamassassin 4;
 };
 // backscatter prevention - don't send bounces for mail that we accepted but could not forward
 // we only send bounces to our own customers
 env_from unknown {
 "<>"    black;
 };
 // hourly recipient rate limit by smtp auth client id
 rate_limit 30 { // default
-fred 100;   // override default limits
+#fred 100;   // override default limits
-joe  10;    // ""
+#joe  10;    // ""
 };
 };
-context sample {
+context main {
+dnsbl   localp  partial.blackholes.five-ten-sg.com  "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s";
 dnsbl   local   blackholes.five-ten-sg.com  "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s";
 dnsbl   sbl     sbl-xbl.spamhaus.org        "Mail from %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s";
 dnsbl   xbl     xbl.spamhaus.org            "Mail from %s rejected - xbl; see http://www.spamhaus.org/query/bl?ip=%s";
-dnsbl   dul     dul.dnsbl.sorbs.net         "Mail from %s rejected - dul; see http://www.sorbs.net/lookup.shtml?%s";
+dnsbl_list  local sbl;
-dnsbl_list  local sbl dul;
 content on {
 filter    sbl-xbl.spamhaus.org        "Mail containing %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s";
 uribl     multi.surbl.org             "Mail containing %s rejected - surbl; see http://www.rulesemporium.com/cgi-bin/uribl.cgi?bl0=1&domain0=%s";
 #uribl    black.uribl.com             "Mail containing %s rejected - uribl; see http://l.uribl.com/?d=%s";
 ignore    { include "hosts-ignore.conf"; };
 tld       { include "tld.conf"; };
 cctld     { include "cctld.conf"; };
 html_tags { include "html-tags.conf"; };
-html_limit on 20 "Mail containing excessive bad html tags rejected";
 html_limit off;
-host_limit on 20 "Mail containing excessive host names rejected";
 host_limit soft 20;
-};
+spamassassin 5;
+};
+generic "(^|[.-])(host)?([0-9]{1,3}[.-](Red-|dynamic[.-])?){4}"
+"your mail server %s seems to have a generic name";
 env_to {
+# !! replace this with your domain names
 # child contexts are not allowed to specify recipient addresses outside these domains
-# leave this outer global context env_to empty to allow arbitrary recipients in child contexts
+# or leave this empty to allow unrestricted child contexts
-mydomain.com;
+# example.com;
-customer1.com;
-customer1a.com;
-customer1b.com;
-customer2.com;
-customer2a.com;
-customer2b.com;
 };
 context whitelist {
 content off {};
 env_to {
-# dcc_to ok { include "/var/dcc/whitecommon"; };    # copy the dcc OK values (env_to) into this context
+# dcc_to ok { include "/var/dcc/whitecommon"; };
 };
 env_from white {};      # white forces all unmatched from addresses (everyone in this case) to be whitelisted
 # so all mail TO these env_to addresses is accepted
 };
-context minimal {
-dnsbl_list sbl dul;
-content on {};
-env_to {
-sales@mydomain.com;
-};
-};
-context blacklist {
-env_to {
-dcc_to many { include "/var/dcc/whitecommon"; };    # copy the dcc MANY values (env_to) into this context
-old-employee@mydomain.com;
-};
-env_from black {};      # black forces all unmatched from addresses (everyone in this case) to be blacklisted
-# so all mail TO these env_to addresses is rejected
-};
-context vp {    # special context for the vp
-env_to {
-vp@mydomain.com;
-};
-env_from inherit {
-nai.com                 black;      # the vp does not like nai
-yahoo.com               unknown;    # override parent context blacklisting
-mother@spammyisp.com    white;      # suppress dnsbl checking
-};
-};
-context customer1 {
-dnsbl_list sbl dul;
-env_to {
-customer1.com;
-customer1a.com;
-customer1b.com;
-};
-# we can reject unknown users
-verify mail.customer1.com;
-# whitelist anyone to whom we have sent mail in the last 90 days
-autowhite 90 "autowhite/customer1";
-context customer1a {
-env_to {
-customer1a.com;
-};
-env_from black {                        # blacklist everything
-first@acceptable.com    unknown;    # except these specific envelope senders
-second@another.com      unknown;
-yahoo.com               inherit;    # delegate to the parent
-};
-};
-env_from {  # default value of the default is inherit
-yahoo.com           black;      # no mail from yahoo
-first@yahoo.com     unknown;    # except this one
-};
-};
-context customer2 {
-dnsbl_list sbl;
-env_to {
-customer2.com;
-customer2a.com;
-customer2b.com;
-};
-};
-# this is at the end, so that these abuse@ and postmaster@ entries will
-# override any conflicting entries inside the customer contexts.
 context abuse {
 dnsbl_list xbl;
 content off {};
 env_to {
-abuse@;             # no content filtering on abuse reports
+abuse@              # no content filtering on abuse reports
-postmaster@;        # ""
+postmaster@         # ""
 };
 env_from unknown {};    # ignore all parent white/black listing
 };
+context minimal {
+dnsbl_list sbl;
+content on {};
+generic "^$ " " ";      # regex cannot match, to disable generic rdns rejects
+env_to {
+};
+};
+context blacklist {
+env_to {
+# dcc_to many { include "/var/dcc/whitecommon"; };
+};
+env_from black {};      # black forces all unmatched from addresses (everyone in this case) to be blacklisted
+# so all mail TO these env_to addresses is rejected
+};
 env_from unknown {
-dcc_from { include "/var/dcc/whitecommon"; };   # copy the dcc OK/MANY values (env_from, substitute mail_host) into this context
+abuse@  abuse;  # replies to abuse reports use the abuse context
-abuse@              abuse;      # replies to abuse reports use the abuse context
+# dcc_from { include "/var/dcc/whitecommon"; };
-yahoo.com           black;      # don't take mail from yahoo
+};
-spammer@example.com black;
-};
+autowhite 90 "autowhite/my-auto-whitelist";
+# install should create /etc/dnsbl/autowhite writable by userid dnsbl
 };]]></literallayout>
 </refsect1>
 <refsect1 id='version.5'>
 <title>CVS Version</title>

Mercurial > dnsbl

comparison xml/dnsbl.in @ 171:8deb51871b3d