On Wednesday, December 8, 2004, 8:00:40 AM, Tomo Takebe wrote:
We run a local rbldnsd daemon on the mail server and have an update script to add/modify whitelisted domain names with a bitmask of 0 in the multi.surbl.org.rbldnsd list whenever it is rsynced. (example: "upenn.edu :127.0.0.0:Whitelisted")
This way spamd does not take up extra memory in each of its process (6 running) and just increase rbldnsd memory usage. This is redundant but it prevents against accidental blacklisting on any of the SURBLs and satisfies the business managers.
If we want to locally whitelist domains or IPs, there is already a built-in URIDNSBL function for that:
http://spamassassin.apache.org/full/3.0.x/dist/rules/25_uribl.cf
# Top 125 domains whitelisted by SURBL uridnsbl_skip_domain yahoo.com w3.org msn.com com.com yimg.com uridnsbl_skip_domain hotmail.com doubleclick.net flowgo.com ebaystatic.com aol.com [...]
SpamCopURI also has a built-in whitelist function:
http://sourceforge.net/projects/spamcopuri/
whitelist_spamcop_uri *.yahoo.com
http://www.surbl.org/spamcop_uri.cf.022-updated.txt
IMO using either of these would probably be a better, simpler solution, especially since they are built in and designed for that purpose.
They both prevent those specific domains from being checked. They do not provide a negative score or bypass the message around other testing, including any other URIs that happen to be in the message. So if a message has a URI for yahoo.com and hugepillspammer.com, hugepillspammer.com will *still* get checked.
We also modify the URIDNSBL.pm in spamassassin to use DNS lookup with a local resolv.conf file containing 127.0.0.1 so that rbldnsd can run in the mail server without affecting normal DNS lookup operations. This isn't documented anywhere but it could be a useful feature to allow URIDNSBL.pm to choose the resolving hosts instead of using the system default.
A more standard way to do this is to run rbldnsd on address 127.0.0.1 and tell BIND to forward requests for multi.surbl.org over to 127.0.0.1. Please see:
http://njabl.org/rsync.html http://www.surbl.org/rbldnsd-bind-freebsd.html http://www.surbl.org/rbldnsd-howto.html
Hope this helps,
Jeff C. -- "If it appears in hams, then don't list it."