diff xml/dnsbl.in @ 171:8deb51871b3d

fix pre/post scripts in rpm spec file
author carl
date Thu, 30 Aug 2007 14:40:03 -0700
parents bd33eaccfed8
children d3189495ec68
line wrap: on
line diff
--- a/xml/dnsbl.in	Thu Aug 30 14:07:09 2007 -0700
+++ b/xml/dnsbl.in	Thu Aug 30 14:40:03 2007 -0700
@@ -631,8 +631,7 @@
     dnsbl   localp  partial.blackholes.five-ten-sg.com  "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s";
     dnsbl   local   blackholes.five-ten-sg.com  "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s";
     dnsbl   sbl     sbl-xbl.spamhaus.org        "Mail from %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s";
-    dnsbl   dul     dul.dnsbl.sorbs.net         "Mail from %s rejected - dul; see http://www.sorbs.net/lookup.shtml?%s";
-    dnsbl_list  local sbl dul;
+    dnsbl_list  local sbl;
 
     // outbound content filtering to prevent our own customers from sending spam
     content on {
@@ -647,6 +646,7 @@
         html_limit off;
         host_limit on 20 "Mail containing excessive host names rejected";
         host_limit soft 20;
+        spamassassin 4;
     };
 
     // backscatter prevention - don't send bounces for mail that we accepted but could not forward
@@ -657,17 +657,17 @@
 
     // hourly recipient rate limit by smtp auth client id
     rate_limit 30 { // default
-        fred 100;   // override default limits
-        joe  10;    // ""
+        #fred 100;   // override default limits
+        #joe  10;    // ""
     };
 };
 
-context sample {
+context main {
+    dnsbl   localp  partial.blackholes.five-ten-sg.com  "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s";
     dnsbl   local   blackholes.five-ten-sg.com  "Mail from %s rejected - local; see http://www.five-ten-sg.com/blackhole.php?%s";
     dnsbl   sbl     sbl-xbl.spamhaus.org        "Mail from %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s";
     dnsbl   xbl     xbl.spamhaus.org            "Mail from %s rejected - xbl; see http://www.spamhaus.org/query/bl?ip=%s";
-    dnsbl   dul     dul.dnsbl.sorbs.net         "Mail from %s rejected - dul; see http://www.sorbs.net/lookup.shtml?%s";
-    dnsbl_list  local sbl dul;
+    dnsbl_list  local sbl;
 
     content on {
         filter    sbl-xbl.spamhaus.org        "Mail containing %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s";
@@ -677,119 +677,63 @@
         tld       { include "tld.conf"; };
         cctld     { include "cctld.conf"; };
         html_tags { include "html-tags.conf"; };
-        html_limit on 20 "Mail containing excessive bad html tags rejected";
         html_limit off;
-        host_limit on 20 "Mail containing excessive host names rejected";
         host_limit soft 20;
+        spamassassin 5;
     };
 
+    generic "(^|[.-])(host)?([0-9]{1,3}[.-](Red-|dynamic[.-])?){4}"
+            "your mail server %s seems to have a generic name";
+
     env_to {
+        # !! replace this with your domain names
         # child contexts are not allowed to specify recipient addresses outside these domains
-        # leave this outer global context env_to empty to allow arbitrary recipients in child contexts
-        mydomain.com;
-        customer1.com;
-        customer1a.com;
-        customer1b.com;
-        customer2.com;
-        customer2a.com;
-        customer2b.com;
+        # or leave this empty to allow unrestricted child contexts
+        # example.com;
     };
 
     context whitelist {
         content off {};
         env_to {
-            # dcc_to ok { include "/var/dcc/whitecommon"; };    # copy the dcc OK values (env_to) into this context
+            # dcc_to ok { include "/var/dcc/whitecommon"; };
         };
         env_from white {};      # white forces all unmatched from addresses (everyone in this case) to be whitelisted
                                 # so all mail TO these env_to addresses is accepted
     };
 
+    context abuse {
+        dnsbl_list xbl;
+        content off {};
+        env_to {
+            abuse@              # no content filtering on abuse reports
+            postmaster@         # ""
+        };
+        env_from unknown {};    # ignore all parent white/black listing
+    };
+
     context minimal {
-        dnsbl_list sbl dul;
+        dnsbl_list sbl;
         content on {};
+        generic "^$ " " ";      # regex cannot match, to disable generic rdns rejects
         env_to {
-            sales@mydomain.com;
         };
     };
 
     context blacklist {
         env_to {
-            dcc_to many { include "/var/dcc/whitecommon"; };    # copy the dcc MANY values (env_to) into this context
-            old-employee@mydomain.com;
+            # dcc_to many { include "/var/dcc/whitecommon"; };
         };
         env_from black {};      # black forces all unmatched from addresses (everyone in this case) to be blacklisted
                                 # so all mail TO these env_to addresses is rejected
     };
 
-    context vp {    # special context for the vp
-        env_to {
-            vp@mydomain.com;
-        };
-        env_from inherit {
-            nai.com                 black;      # the vp does not like nai
-            yahoo.com               unknown;    # override parent context blacklisting
-            mother@spammyisp.com    white;      # suppress dnsbl checking
-        };
-    };
-
-    context customer1 {
-        dnsbl_list sbl dul;
-        env_to {
-            customer1.com;
-            customer1a.com;
-            customer1b.com;
+    env_from unknown {
+        abuse@  abuse;  # replies to abuse reports use the abuse context
+        # dcc_from { include "/var/dcc/whitecommon"; };
         };
 
-        # we can reject unknown users
-        verify mail.customer1.com;
-
-        # whitelist anyone to whom we have sent mail in the last 90 days
-        autowhite 90 "autowhite/customer1";
-
-        context customer1a {
-            env_to {
-                customer1a.com;
-            };
-            env_from black {                        # blacklist everything
-                first@acceptable.com    unknown;    # except these specific envelope senders
-                second@another.com      unknown;
-                yahoo.com               inherit;    # delegate to the parent
-            };
-        };
-
-        env_from {  # default value of the default is inherit
-            yahoo.com           black;      # no mail from yahoo
-            first@yahoo.com     unknown;    # except this one
-        };
-    };
-
-    context customer2 {
-        dnsbl_list sbl;
-        env_to {
-            customer2.com;
-            customer2a.com;
-            customer2b.com;
-        };
-    };
-
-    # this is at the end, so that these abuse@ and postmaster@ entries will
-    # override any conflicting entries inside the customer contexts.
-    context abuse {
-        dnsbl_list xbl;
-        content off {};
-        env_to {
-            abuse@;             # no content filtering on abuse reports
-            postmaster@;        # ""
-        };
-        env_from unknown {};    # ignore all parent white/black listing
-    };
-
-    env_from unknown {
-        dcc_from { include "/var/dcc/whitecommon"; };   # copy the dcc OK/MANY values (env_from, substitute mail_host) into this context
-        abuse@              abuse;      # replies to abuse reports use the abuse context
-        yahoo.com           black;      # don't take mail from yahoo
-        spammer@example.com black;
-    };
+    autowhite 90 "autowhite/my-auto-whitelist";
+    # install should create /etc/dnsbl/autowhite writable by userid dnsbl
 };]]></literallayout>
         </refsect1>