User Tools

Site Tools


doc:appunti:linux:sa:spamassassin_private_dnsbl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
doc:appunti:linux:sa:spamassassin_private_dnsbl [2020/02/17 18:11] – [Python Script to Manage the Dynami Zone] niccolodoc:appunti:linux:sa:spamassassin_private_dnsbl [2021/10/08 10:45] (current) – [Python script to manage the dynamic zone] niccolo
Line 1: Line 1:
-====== How to use a private DNSBL with SpamAssassin ======+====== How to run a private DNSBL for SpamAssassin ======
  
 Here we will present a recipe to create a personal **[[wp>Domain_Name_System-based_Blackhole_List|Domain Name System-based Blackhole List]]** to be used with **SpamAssassin**. This will enable you to assign a **custom SPAM score** to mails coming from **specific IP addresses** (at the moment only IPv4 addresses). Here we will present a recipe to create a personal **[[wp>Domain_Name_System-based_Blackhole_List|Domain Name System-based Blackhole List]]** to be used with **SpamAssassin**. This will enable you to assign a **custom SPAM score** to mails coming from **specific IP addresses** (at the moment only IPv4 addresses).
Line 33: Line 33:
 </file> </file>
  
-==== The Dynamic Zone ====+==== The dynamic zone ====
  
 Your DNS server will manage a **dynamic zone** dedicated to the DNSBL service. Create a file **/var/cache/bind/bl.rigacci.org** owned by **bind:bind**: Your DNS server will manage a **dynamic zone** dedicated to the DNSBL service. Create a file **/var/cache/bind/bl.rigacci.org** owned by **bind:bind**:
Line 75: Line 75:
  
 <file> <file>
-header        CUSTOM_DNSBL    eval:check_rbl('bl-rigacci','bl.rigacci.org.'+header     LOCAL_CUSTOM_DNSBL    eval:check_rbl('bl-rigacci','bl.rigacci.org.'
-describe      CUSTOM_DNSBL    Entries listed in bl.rigacci.org RBL +describe   LOCAL_CUSTOM_DNSBL    Entries listed in bl.rigacci.org RBL 
-score         CUSTOM_DNSBL    100.0+score      LOCAL_CUSTOM_DNSBL    100.0
 </file> </file>
  
 You can customize the **score** (default SPAM score is 5.0 in SpamAssassin) to match your requirements. You can customize the **score** (default SPAM score is 5.0 in SpamAssassin) to match your requirements.
  
-===== Python Script to Manage the Dynami Zone =====+===== Python script to manage the dynamic zone =====
  
-Finally we need a script to add, remove or query IP address into the DNSBL zone. We have written a **{{.:dnsbl-tool.txt|dnsbl-tool}}** which can be used as follow:+Finally we need a script to add, remove or query IP address into the DNSBL zone. We have written a **{{.:dnsbl-tool.txt|dnsbl-tool}}** (use this one if you have the **python3-dnspython** **2.0.0** library **{{.:dnsbl-tool_0.4.0.txt|dnsbl-tool_0.4.0}}**) which can be used as follow:
  
 <code> <code>
Line 99: Line 99:
 dnsbl-tool -r 192.168.10.1 dnsbl-tool -r 192.168.10.1
 Removing record type "A" for 1.10.168.192.bl.rigacci.org Removing record type "A" for 1.10.168.192.bl.rigacci.org
 +</code>
 +
 +To query the entire zone from the DNS server, you can request an **AXFR** (zone transfer). For doing that, you must do it from an IP address listed into the **allow-transfer** declared into named.conf.local:
 +
 +<code>
 +dig -tAXFR bl.rigacci.org
 </code> </code>
doc/appunti/linux/sa/spamassassin_private_dnsbl.1581959469.txt.gz · Last modified: 2020/02/17 18:11 by niccolo