DNSEVAL - look up URLs against DNS blocklists
loadplugin Mail::SpamAssassin::Plugin::DNSEval
rbl_headers EnvelopeFrom,Reply-To,Disposition-Notification-To
header RBL_IP eval:check_rbl_headers('rbl', 'rbl.example.com.', '127.0.0.2')
describe RBL_IP From address associated with spam domains
tflags RBL_IP net
reuse RBL_IP
Supported extra tflags from SpamAssassin 3.4.3:
domains_only - only non-IP-address "host" components are queried
ips_only - only IP addresses as the "host" component will be queried
The DNSEval plugin queries dns to see if a domain or an ip address present on
one of email's headers is on a particular rbl.
The following options can be used in both site-wide
("local.cf") and user-specific
("user_prefs") configuration files to
customize how SpamAssassin handles incoming email messages.
- rbl_headers
-
This option tells SpamAssassin in which headers to check for content
used to query the specified rbl.
If on the headers content there is an email address, an ip address
or a domain name, it will be checked on the specified rbl.
The configuration option can be overridden by passing an headers list as
last parameter to check_rbl_headers.
The default headers checked are:
- EnvelopeFrom
- Reply-To
- Disposition-Notification-To
- X-WebmailclientIP
- X-Source-IP
- check_rbl_from_domain
- This checks all the from addrs domain names as an alternate to
check_rbl_from_host. As of v3.4.1, it has been improved to include a
subtest for a specific octet.
- check_rbl_ns_from
- This checks the dns server of the from addrs domain name. It is possible
to include a subtest for a specific octet.
- check_rbl_rcvd
- This checks all received headers domains or ip addresses against a
specific rbl. It is possible to include a subtest for a specific
octet.