northtones
Verified User
- Joined
- May 2, 2013
- Messages
- 25
As most of you probably know dnsbl.ahbl.org was shut down the other day, and was basically hitting on everything. We also used it as an RBL and found out it was blocking nearly 75% of the email coming into one of our servers. We removed it from the RBL list and it's been fine.
However, today I noticed I was getting more spam than usual dumped into my spam folder, and took a look at one of the emails that was flagged as spam. It is a Bing Rewards email that usually comes through just fine so I thought it was odd.
Notice the line * 2.4 DNS_FROM_AHBL_RHSBL RBL: Envelope sender listed in dnsbl.ahbl.org below which I assume is due to them shutting down, and the reason it's getting flagged on so many emails coming in. Below is the full score breakdown.
My question is, where can I just remove the DNS_FROM_AHBL_RHSBL RBL: Envelope sender listed in dnsbl.ahbl.org rule entirely so these emails aren't getting flagged as false positives? I have done a ton of searching, and many posts pointed to /etc/mail/spamassassin/local.cf but I don't see anything in there regarding this rule. I have been grepping all over the server, but not able to find that rule anywhere.. anyone know where it would be located?
X-Spam-Flag: YES
X-Spam-Level: ***
X-Spam-Status: Yes, score=3.3 required=3.1 tests=DNS_FROM_AHBL_RHSBL,
HTML_IMAGE_RATIO_02,HTML_MESSAGE,T_DKIM_INVALID autolearn=no version=3.3.1
X-Spam-Report:
* 2.4 DNS_FROM_AHBL_RHSBL RBL: Envelope sender listed in dnsbl.ahbl.org
* 0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
Received: from blugmehub14.msn.com ([65.55.234.213] helo=smtpi.msn.com)
by abra.northtone.com with esmtps (TLSv1:AES128-SHA:128)
(Exim 4.72)
(envelope-from <[email protected]>)
id 1Y9Ldd-0005ed-G
However, today I noticed I was getting more spam than usual dumped into my spam folder, and took a look at one of the emails that was flagged as spam. It is a Bing Rewards email that usually comes through just fine so I thought it was odd.
Notice the line * 2.4 DNS_FROM_AHBL_RHSBL RBL: Envelope sender listed in dnsbl.ahbl.org below which I assume is due to them shutting down, and the reason it's getting flagged on so many emails coming in. Below is the full score breakdown.
My question is, where can I just remove the DNS_FROM_AHBL_RHSBL RBL: Envelope sender listed in dnsbl.ahbl.org rule entirely so these emails aren't getting flagged as false positives? I have done a ton of searching, and many posts pointed to /etc/mail/spamassassin/local.cf but I don't see anything in there regarding this rule. I have been grepping all over the server, but not able to find that rule anywhere.. anyone know where it would be located?
X-Spam-Flag: YES
X-Spam-Level: ***
X-Spam-Status: Yes, score=3.3 required=3.1 tests=DNS_FROM_AHBL_RHSBL,
HTML_IMAGE_RATIO_02,HTML_MESSAGE,T_DKIM_INVALID autolearn=no version=3.3.1
X-Spam-Report:
* 2.4 DNS_FROM_AHBL_RHSBL RBL: Envelope sender listed in dnsbl.ahbl.org
* 0.8 HTML_IMAGE_RATIO_02 BODY: HTML has a low ratio of text to image area
* 0.0 HTML_MESSAGE BODY: HTML included in message
* 0.0 T_DKIM_INVALID DKIM-Signature header exists but is not valid
Received: from blugmehub14.msn.com ([65.55.234.213] helo=smtpi.msn.com)
by abra.northtone.com with esmtps (TLSv1:AES128-SHA:128)
(Exim 4.72)
(envelope-from <[email protected]>)
id 1Y9Ldd-0005ed-G