Mercurial > dnsbl
comparison xml/dnsbl.in @ 119:d9d2f8699621
uribl patch from Jeff Evans <jeffe@tricab.com>
| author | carl |
|---|---|
| date | Sun, 12 Mar 2006 12:38:43 -0800 |
| parents | 07e5d4721213 |
| children | e8971c595845 |
comparison
equal
deleted
inserted
replaced
| 118:13fcb0c66763 | 119:d9d2f8699621 |
|---|---|
| 318 this context, and enable content filtering for the body of this message. | 318 this context, and enable content filtering for the body of this message. |
| 319 </para></listitem> | 319 </para></listitem> |
| 320 </orderedlist> | 320 </orderedlist> |
| 321 <para> | 321 <para> |
| 322 If content filtering is enabled for this body, the mail text is decoded | 322 If content filtering is enabled for this body, the mail text is decoded |
| 323 (uuencode, base64, mime, html entity, url encodings), scanned for HTTP | 323 (uuencode, base64, mime, html entity, url encodings), and scanned for HTTP |
| 324 and HTTPS URLs, and the first <configurable> host names are | 324 and HTTPS URLs or bare host names. Hostnames must be either ip address |
| 325 checked for their presence on the single <configurable> DNSBL. | 325 literals, or must end in a string defined by the TLD list. The first |
| 326 The only known list that is suitable for this purpose is the SBL. If | 326 <configurable> host names are checked as follows. |
| 327 any of those host names are on that DNSBL (or have nameservers that are | 327 </para> |
| 328 on that list), and it is not on the <configurable> ignore list, | 328 <para> |
| 329 the mail is rejected. We also scan for excessive bad html tags, and if | 329 The only known list that is suitable for the content filter DNSBL is the |
| 330 a <configurable> limit is exceeded, the mail is rejected. | 330 SBL. If the content filter DNSBL is defined, and any of those host |
| 331 names resolve to ip addresses that are on that DNSBL (or have | |
| 332 nameservers that are on that list), and the host name is not on the | |
| 333 <configurable> ignore list, the mail is rejected. | |
| 334 </para> | |
| 335 <para> | |
| 336 If the content uribl DNSBL is defined, and any of those host names are | |
| 337 on that DNSBL, and the host name is not on the <configurable> | |
| 338 ignore list, the mail is rejected. | |
| 339 </para> | |
| 340 <para> | |
| 341 We also scan for excessive bad html tags, and if a <configurable> | |
| 342 limit is exceeded, the mail is rejected. | |
| 331 </para> | 343 </para> |
| 332 </refsect1> | 344 </refsect1> |
| 333 | 345 |
| 334 <refsect1 id='access.1'> | 346 <refsect1 id='access.1'> |
| 335 <title>Sendmail access vs. DNSBL</title> | 347 <title>Sendmail access vs. DNSBL</title> |
| 511 DNSBL = "dnsbl" NAME DNSPREFIX ERROR-MSG | 523 DNSBL = "dnsbl" NAME DNSPREFIX ERROR-MSG |
| 512 | 524 |
| 513 DNSBLLIST = "dnsbl_list" {NAME}+ | 525 DNSBLLIST = "dnsbl_list" {NAME}+ |
| 514 | 526 |
| 515 CONTENT = "content" ("on" | "off") "{" {CONTENT-ST}+ "}" | 527 CONTENT = "content" ("on" | "off") "{" {CONTENT-ST}+ "}" |
| 516 CONTENT-ST = (FILTER | IGNORE | TLD | HTML-TAGS | HTML-LIMIT | | 528 CONTENT-ST = (FILTER | URIBL | IGNORE | TLD | CCTLD | HTML-TAGS | |
| 517 HOST-LIMIT) ";" | 529 HTML-LIMIT | HOST-LIMIT) ";" |
| 518 FILTER = "filter" DNSPREFIX ERROR-MSG | 530 FILTER = "filter" DNSPREFIX ERROR-MSG |
| 531 URIBL = "uribl" DNSPREFIX ERROR-MSG | |
| 519 IGNORE = "ignore" "{" {HOSTNAME [";"]}+ "}" | 532 IGNORE = "ignore" "{" {HOSTNAME [";"]}+ "}" |
| 520 TLD = "tld" "{" {TLD [";"]}+ "}" | 533 TLD = "tld" "{" {TLD [";"]}+ "}" |
| 534 CCTLD = "cctld" "{" {TLD [";"]}+ "}" | |
| 521 HTML-TAGS = "html_tags" "{" {HTMLTAG [";"]}+ "}" | 535 HTML-TAGS = "html_tags" "{" {HTMLTAG [";"]}+ "}" |
| 522 ERROR-MSG = string containing exactly two %s replacement tokens | 536 ERROR-MSG = string containing exactly two %s replacement tokens |
| 523 for the client ip address | 537 for the client ip address |
| 524 | 538 |
| 525 HTML-LIMIT = "html_limit" ("on" INTEGER ERROR-MSG | "off") | 539 HTML-LIMIT = "html_limit" ("on" INTEGER ERROR-MSG | "off") |
| 551 dnsbl dul dul.dnsbl.sorbs.net "Mail from %s rejected - dul; see http://www.sorbs.net/lookup.shtml?%s"; | 565 dnsbl dul dul.dnsbl.sorbs.net "Mail from %s rejected - dul; see http://www.sorbs.net/lookup.shtml?%s"; |
| 552 dnsbl_list local sbl dul; | 566 dnsbl_list local sbl dul; |
| 553 | 567 |
| 554 content on { | 568 content on { |
| 555 filter sbl-xbl.spamhaus.org "Mail containing %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s"; | 569 filter sbl-xbl.spamhaus.org "Mail containing %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s"; |
| 570 uribl multi-surbl.org "Mail containing %s rejected - surbl; see http://www.rulesemporium.com/cgi-bin/uribl.cgi?bl0=1&domain0=%s"; | |
| 571 #uribl black.uribl.com "Mail containing %s rejected - uribl; see http://l.uribl.com/?d=%s"; | |
| 556 ignore { include "hosts-ignore.conf"; }; | 572 ignore { include "hosts-ignore.conf"; }; |
| 557 tld { include "tld.conf"; }; | 573 tld { include "tld.conf"; }; |
| 574 cctld { include "cctld.conf"; }; | |
| 558 html_tags { include "html-tags.conf"; }; | 575 html_tags { include "html-tags.conf"; }; |
| 559 html_limit on 20 "Mail containing excessive bad html tags rejected"; | 576 html_limit on 20 "Mail containing excessive bad html tags rejected"; |
| 560 html_limit off; | 577 html_limit off; |
| 561 host_limit on 20 "Mail containing excessive host names rejected"; | 578 host_limit on 20 "Mail containing excessive host names rejected"; |
| 562 host_limit soft 20; | 579 host_limit soft 20; |