DNSEVAL − look up URLs against DNS blocklists
loadplugin
Mail::SpamAssassin::Plugin::DNSEval
rbl_headers
EnvelopeFrom,Reply−To,Disposition−Notification−To
header RBL_IP eval:check_rbl_headers('rbl',
'rbl.example.com.', '127.0.0.2')
describe RBL_IP From address associated with spam domains
tflags RBL_IP net
reuse RBL_IP
Supported extra tflags from SpamAssassin 3.4.3:
domains_only − only non−IP−address
"host" components are queried
ips_only − only IP addresses as the "host"
component will be queried
The DNSEval plugin queries dns to see if a domain or an ip address present on one of email’s headers is on a particular rbl.
The following
options can be used in both site-wide ("local.cf")
and user-specific ("user_prefs") configuration
files to customize how SpamAssassin handles incoming email
messages.
rbl_headers
This option tells SpamAssassin
in which headers to check for content
used to query the specified rbl.
If on the headers content there is an email address, an ip
address
or a domain name, it will be checked on the specified rbl.
The configuration option can be overridden by passing an
headers list as
last parameter to check_rbl_headers.
The default headers checked are:
|
• |
EnvelopeFrom |
|||
|
• |
Reply-To |
|||
|
• |
Disposition-Notification-To |
|||
|
• |
X−WebmailclientIP |
|||
|
• |
X−Source-IP |
check_rbl_from_domain
This checks all the from addrs domain names as an alternate to check_rbl_from_host. As of v3.4.1, it has been improved to include a subtest for a specific octet.
check_rbl_ns_from
This checks the dns server of the from addrs domain name. It is possible to include a subtest for a specific octet.
check_rbl_rcvd
This checks all received headers domains or ip addresses against a specific rbl. It is possible to include a subtest for a specific octet.