[Rspamd-Users] false positive hashes in Rspamd e-mail blacklist
Tim Harman
tim at muppetz.com
Tue May 21 18:29:29 UTC 2019
On 21/05/2019 10:45 pm, Sophie Loewenthal wrote:
> # dig +noadditional +noquestion +nocomments +nocmd +nostats +short
> pdj11uthygksitexhj564i1yyehsjbft.email.rspamd.com. @8.8.4.4
> 127.0.0.2
>
> How come there is a lookup to rspamd? How does this rbl work ; Is
> rspamd.com involved in spamtrapping/robles's services and how is the
> data collected?
>
> Are rspamd installations email being sent to rspamd in some format,
> and if so how can this be disabled?
rspamd has some checks, yes. See https://bl.rspamd.com
rspamd takes a _hash_ of the email and checks that hash, using dns,
against their rbl.
rspamd also checks urls in the email and validates those against the
rbl, again using DNS.
So, 1 way hashes of emails are being sent for checking, and urls in
emails are being sent for checking. The *contents* of your emails are
not.
Note this is how other SURBLs work too.
If you want to disable them, look at the SURBL module and disable
"RSPAMD_URIBL" same as you'd disable any other SURBL check.
[I have nothing to do with the operation of these BLs, I'm just a user]
Tim
More information about the Users
mailing list