[Rspamd-Users] RBL module, default_received and default_from

Riccardo Alfieri riccardo.alfieri at spamteq.com
Mon Feb 24 14:20:48 UTC 2020


the default configuration in rbl.conf is the following:

rbl {
   default_from = true;
   default_received = false;
     spamhaus {
       symbol = "SPAMHAUS"; # Augmented by prefixes
       rbl = "zen.spamhaus.org";
       ipv6 = true;
       received = true;
       from = true;

As far as I understood, this means that by default, all the IPs in the 
received chain are tested.

I then added in my local.d/rbl.conf the following config:

rbls {
     spamhaus {
         from = false;
     spamhaus_from {
         from = true;
         received = false;
         returncodes {
           SPAMHAUS_ZEN = [ "", "", "", 
"", "", "", "", "", 
"" ];

I was hoping that, by doing that, the "spamhaus_from" section would 
*only* check the connecting IP, while the "spamhaus" one would check the 
received chain *except* the connecting IP. Unfortunately this is not 
happening. In cases of direct-to-mx bots, I see both rules appearing in 
the logs:

2020-02-24 14:XX:XX #11691(normal) ... (default: T (reject): 

I think it would be more correct if only the SPAMHAUS_ZEN would have 
been triggered in this case, as there is no received chain to inspect.

Am I doing something wrong or is this expected behaviour?


Best regards,
Riccardo Alfieri

Spamhaus Technology

More information about the Users mailing list