--- a/xml/dnsbl.in	Sun Mar 12 10:20:59 2006 -0800
+++ b/xml/dnsbl.in	Sun Mar 12 12:38:43 2006 -0800
@@ -320,14 +320,26 @@
             </orderedlist>
             <para>
                 If content filtering is enabled for this body, the mail text is decoded
-                (uuencode, base64, mime, html entity, url encodings), scanned for HTTP
-                and HTTPS URLs, and the first &lt;configurable&gt; host names are
-                checked for their presence on the single &lt;configurable&gt; DNSBL.
-                The only known list that is suitable for this purpose is the SBL.  If
-                any of those host names are on that DNSBL (or have nameservers that are
-                on that list), and it is not on the &lt;configurable&gt; ignore list,
-                the mail is rejected.  We also scan for excessive bad html tags, and if
-                a &lt;configurable&gt; limit is exceeded, the mail is rejected.
+                (uuencode, base64, mime, html entity, url encodings), and scanned for HTTP
+                and HTTPS URLs or bare host names.  Hostnames must be either ip address
+                literals, or must end in a string defined by the TLD list.  The first
+                &lt;configurable&gt; host names are checked as follows.
+            </para>
+            <para>
+                The only known list that is suitable for the content filter DNSBL is the
+                SBL.  If the content filter DNSBL is defined, and any of those host
+                names resolve to ip addresses that are on that DNSBL (or have
+                nameservers that are on that list), and the host name is not on the
+                &lt;configurable&gt; ignore list, the mail is rejected.
+            </para>
+            <para>
+                If the content uribl DNSBL is defined, and any of those host names are
+                on that DNSBL, and the host name is not on the &lt;configurable&gt;
+                ignore list, the mail is rejected.
+            </para>
+            <para>
+                We also scan for excessive bad html tags, and if a &lt;configurable&gt;
+                limit is exceeded, the mail is rejected.
             </para>
         </refsect1>
 
@@ -513,11 +525,13 @@
 DNSBLLIST  = "dnsbl_list" {NAME}+
 
 CONTENT    = "content" ("on" | "off") "{" {CONTENT-ST}+ "}"
-CONTENT-ST = (FILTER | IGNORE | TLD | HTML-TAGS | HTML-LIMIT |
-                                                  HOST-LIMIT) ";"
+CONTENT-ST = (FILTER | URIBL | IGNORE | TLD | CCTLD | HTML-TAGS |
+              HTML-LIMIT | HOST-LIMIT) ";"
 FILTER     = "filter" DNSPREFIX ERROR-MSG
+URIBL      = "uribl"  DNSPREFIX ERROR-MSG
 IGNORE     = "ignore"     "{" {HOSTNAME [";"]}+ "}"
 TLD        = "tld"        "{" {TLD      [";"]}+ "}"
+CCTLD      = "cctld"      "{" {TLD      [";"]}+ "}"
 HTML-TAGS  = "html_tags"  "{" {HTMLTAG  [";"]}+ "}"
 ERROR-MSG  = string containing exactly two %s replacement tokens
              for the client ip address
@@ -553,8 +567,11 @@
 
     content on {
         filter    sbl-xbl.spamhaus.org        "Mail containing %s rejected - sbl; see http://www.spamhaus.org/query/bl?ip=%s";
+        uribl     multi-surbl.org             "Mail containing %s rejected - surbl; see http://www.rulesemporium.com/cgi-bin/uribl.cgi?bl0=1&domain0=%s";
+        #uribl    black.uribl.com             "Mail containing %s rejected - uribl; see http://l.uribl.com/?d=%s";
         ignore    { include "hosts-ignore.conf"; };
         tld       { include "tld.conf"; };
+        cctld     { include "cctld.conf"; };
         html_tags { include "html-tags.conf"; };
         html_limit on 20 "Mail containing excessive bad html tags rejected";
         html_limit off;