[Rspamd-Users] RBLs for domain registrations in past 24 hours
Sophie Loewenthal
sophie at klunky.co.uk
Tue Apr 28 17:11:58 UTC 2020
> On 28 Apr 2020, at 18:55, Riccardo Alfieri <riccardo.alfieri at spamteq.com> wrote:
>
> On 28/04/20 18:46, Sophie Loewenthal wrote:
>
>> Hi Nihad,
>>
>> Ahh this was it. Thank-you.
>> ZRD (Zero Reputation Domains) and AuthBL.
>> How can this be configured into rspamd, or it is already in there?
>>
>> I already have this in /etc/rspamd/local.d/surbl.conf,
>> "DBL" {
>> suffix = "xxxREDATEDxxx.dbl.dq.spamhaus.net";
>> noip = true;
>> }
>
> Hi,
>
> ZRD is already included in the ruleset if you download the rules from our github repo: https://github.com/spamhaus/rspamd-dqs
>
> Specifically, in rbl.conf, section "spamhaus_zrd".
>
> You can tweak the return codes for more granularity if you want; more info at: https://docs.spamhaustech.com/10-data-type-documentation/datasets/030-datasets.html#zrd
>
> --
> Best regards,
> Riccardo Alfieri
>
> Spamhaus Technology
> https://www.spamhaustech.com/
Thanks. I misread the earlier reference to the git page.
I've added the rbl.conf rbl_group.conf to my configuration.
Restarting popped up this message in the logs:
2020-04-28 17:08:06 #6927(controller) <mhqofi>; monitored; rspamd_monitored_dns_cb: DNS reply returned 'no error' for REDACTED.zrd.dq.spamhaus.net while 'no records with this name' was expected when querying for '1.0.0.127.REDACTED.zrd.dq.spamhaus.net'(likely DNS spoofing or BL internal issues)
Shall I worry about this message? What does it mean by "no error" and "likely DNS spoofing or BL internal issues"?
More information about the Users
mailing list