 |
|
|
|
|
|
|
|
|
|
Jelloir
Joined: 14 Sep 2008
Posts: 31
|
 Posted: Tue Oct 07, 2008 10:28 pm Post subject: Security Sage RBL Dead - Spamassassin |
  |
|
I haven't gotten around yet to setting up my own SA rules which should stop this for me but for anyone else you should be aware that the Security Sage RBL is dead. in other words most of your inbound email will probably be getting tagged with DNS_FROM_SECURITYSAGE=X spam or not, like mine is currently.
http://wiki.apache.org/spamassassin/Rules/DNS_FROM_SECURITYSAGE
Obviously Thomas/DTC Developers might want to review it for future releases unless they already know.
Cheers |
|
| |
|
|
|
|
|
|
|
|
gplhost
Site Admin
Joined: 16 Feb 2005
Posts: 3702
Location: Tampa, florida and Singapore, Malaisia
|
| Posted: Wed Oct 08, 2008 8:42 pm Post subject: |
|
|
What exactly did you change on your SA setup? Where's the thing you changed?
Thomas
_________________
GPLHost:>_ Opensource hosting worldwide
Xen hosting with DTC pre-setup
Helping is not easy when request is not precise: please past logs, don't use "it said" or similar impersonal subjects, and try to be verbose and exhaustive on your problem description. |
|
| |
|
|
|
|
|
|
|
|
Jelloir
Joined: 14 Sep 2008
Posts: 31
|
| Posted: Wed Oct 08, 2008 9:37 pm Post subject: |
|
|
| I haven't changed anything with SA - its default DTC. I just noticed that almost every email was getting tagged the DNS_FROM_SECURITYSAGE and found out that its not in use anymore |
|
| |
|
|
|
|
|
|
|
|
gplhost
Site Admin
Joined: 16 Feb 2005
Posts: 3702
Location: Tampa, florida and Singapore, Malaisia
|
| Posted: Thu Oct 09, 2008 3:36 am Post subject: |
|
|
The current default in DTC is: zen.spamhaus.org,list.dsbl.org. If you don't have this, then you should change it, IMHO. For security sage, I think it's been removed for a long long time, it just stays in your setup as debconf caches the result of your answer.
Thomas
_________________
GPLHost:>_ Opensource hosting worldwide
Xen hosting with DTC pre-setup
Helping is not easy when request is not precise: please past logs, don't use "it said" or similar impersonal subjects, and try to be verbose and exhaustive on your problem description. |
|
| |
|
|
|
|
|
|
|
|
Jelloir
Joined: 14 Sep 2008
Posts: 31
|
|
| |
|
|
|
|
|
|
|
|
malabarbigou
Joined: 01 Jun 2008
Posts: 206
|
| Posted: Thu Oct 09, 2008 8:39 am Post subject: |
|
|
Hi Jelloir,
sa-update don't change anything to :
| Quote: |
header DNS_FROM_SECURITYSAGE eval:check_rbl_envfrom('securitysage', 'blackhole.securitysage.com.')
describe DNS_FROM_SECURITYSAGE Envelope sender in blackholes.securitysage.com
tflags DNS_FROM_SECURITYSAGE net
|
nor the only other place we found "securitysage", 50_scores.cf :
| Quote: |
| /usr/share/spamassassin/50_scores.cf:score DNS_FROM_SECURITYSAGE 0 0.127 0 0.001 # n=0 n=2 |
(I comment it) |
|
| |
|
|
|
|
|
|
|
|
gplhost
Site Admin
Joined: 16 Feb 2005
Posts: 3702
Location: Tampa, florida and Singapore, Malaisia
|
| Posted: Thu Oct 09, 2008 9:55 am Post subject: |
|
|
Hi,
I just removed list.dsbl.org from the standard setup, and kept only zen.spamhaus. This will be with next release.
Thomas
_________________
GPLHost:>_ Opensource hosting worldwide
Xen hosting with DTC pre-setup
Helping is not easy when request is not precise: please past logs, don't use "it said" or similar impersonal subjects, and try to be verbose and exhaustive on your problem description. |
|
| |
|
|
|
|
|
|
|
|
Jelloir
Joined: 14 Sep 2008
Posts: 31
|
| Posted: Thu Oct 09, 2008 10:03 am Post subject: |
|
|
Hi malabarbigou,
After running sa-update you should find /var/lib/spamassassin/VERSION/RULES gets created and restarting Spamassassin should cause Spamassassin to use this directory for rules rather than /usr/share/spamassassin I believe unless DTC does things differently.
I use a script I found online with slight modifications to update the rules. It includes Open Protects rules.
| Code: |
#!/bin/bash
sa-update
code1=$?
if [[ $code1 > 1 ]]; then
echo "problem with sa-update"
fi
sa-update --allowplugins --gpgkey D1C035168C1EBC08464946DA258CDB3ABDE9DC10 --channel saupdates.openprotect.com
code2=$?
if [[ $code2 > 1 ]]; then
echo "problem with openprotect update"
fi
if [[ `expr $code1 + $code2` < 2 ]]; then
spamassassin --lint
code3=$?
if [[ $code3 = 0 ]]; then
/etc/init.d/spamassassin restart >/dev/null
else
echo "spamassassin failed to lint"
fi
fi |
and something like this in crontab
| Code: |
[...]
# Update Spamassassin rules and restart Amavis
0 3 * * * root /etc/spamassassin/update_spam_rules.sh > /dev/null
[...] |
I haven't actually set this up on my DTC yet (using it with a little differently on another mail server) but it should work fine. |
|
| |
|
|
|
|
|
|
|
|
malabarbigou
Joined: 01 Jun 2008
Posts: 206
|
| Posted: Thu Oct 09, 2008 10:13 am Post subject: |
|
|
So "/etc/cron.daily/spamassassin" added by DTC don't "do the job" ?
Thomas, as you can see here http://stats.dnsbl.com/, I think you can add (as I do on my secondary MX) bl.spamcop.net. |
|
| |
|
|
|
|
|
|
|
|
Jelloir
Joined: 14 Sep 2008
Posts: 31
|
| Posted: Thu Oct 09, 2008 10:59 am Post subject: |
|
|
| Sorry I had not noticed the cron.daily for spamassassin. Not sure why it hadn't worked for me as my install has been running for a few weeks now?? |
|
| |
|
|
|
|
|
|
|
|
gplhost
Site Admin
Joined: 16 Feb 2005
Posts: 3702
Location: Tampa, florida and Singapore, Malaisia
|
| Posted: Thu Oct 09, 2008 11:15 am Post subject: |
|
|
No way that I'm going to use this silly spamcop. They are just *bad*, don't reply to requests, and include bad IPs. They are to be avoided at all costs. See the thread in the debian-isp mailing list if you are not sure.
Thomas
_________________
GPLHost:>_ Opensource hosting worldwide
Xen hosting with DTC pre-setup
Helping is not easy when request is not precise: please past logs, don't use "it said" or similar impersonal subjects, and try to be verbose and exhaustive on your problem description. |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
