# Support for dnsbl.sorbs.net et al # See http://www.dnsbl.sorbs.net/ Scheck_rbl # Reject all mail based on dnsbl.sorbs.net # The uncommented section is a one stop query to all of the other sub-zones. #dnsbl dnsbl.sorbs.net R$* $: $(dequote "" $&{client_addr} $) $| $1 R0 $| $* $@ $1 R127.0.0.1 $| $* $@ $1 R$-.$-.$-.$- $| $* $: $(host $4.$3.$2.$1.dnsbl.sorbs.net $: OK $) $| $5 ROK $| $* $@ $1 R$+ $#error $@ 5.7.1 $: " Mail from " $(dequote "" $&{client_addr} $)" refused see http://dnsbl.sorbs.net/lookup.shtml?"$&{client_addr} #dnsbl.end # dnsbl.sorbs.net the breakdown. You need to renumber the rules if you use the following subzones. Understand that delays are # incurred if more than one zone is queried. If you find yourself using many of the zones, you may wish to reconsider the use of the # entire zone dnsbl.sorbs.net #dnsbl http.dnsbl.sorbs.net #R$* $: $&{client_addr} #R::ffff:$-.$-.$-.$- $: $(host $4.$3.$2.$1.http.dnsbl.sorbs.net. $: OK $) #R$-.$-.$-.$- $: $(host $4.$3.$2.$1.http.dnsbl.sorbs.net. $: OK $) #ROK $: 2 #R$+ $#error $@ 5.7.1 $: " Mail from http proxy server " $(dequote "" $&{client_addr} $)" refused see http://dnsbl.sorbs.net/lookup.shtml?"$&{client_addr} #dnsbl.end #dnsbl socks.dnsbl.sorbs.net #R2 $: $&{client_addr} #R::ffff:$-.$-.$-.$- $: $(host $4.$3.$2.$1.socks.dnsbl.sorbs.net. $: OK $) #R$-.$-.$-.$- $: $(host $4.$3.$2.$1.socks.dnsbl.sorbs.net. $: OK $) #ROK $: 3 #R$+ $#error $@ 5.7.1 $: " Mail from Open SOCKS Proxy " $(dequote "" $&{client_addr} $)" refused see http://dnsbl.sorbs.net/lookup.shtml?"$&{client_addr} #dnsbl.end #dnsbl misc.dnsbl.sorbs.net #R3 $: $&{client_addr} #R::ffff:$-.$-.$-.$- $: $(host $4.$3.$2.$1.misc.dnsbl.sorbs.net. $: OK $) #R$-.$-.$-.$- $: $(host $4.$3.$2.$1.misc.dnsbl.sorbs.net. $: OK $) #ROK $: 4 #R$+ $#error $@ 5.7.1 $: " Mail from Open Proxy " $(dequote "" $&{client_addr} $)" refused see http://dnsbl.sorbs.net/lookup.shtml?"$&{client_addr} #dnsbl.end #dnsbl spamhaus http://www.spamhaus.org # spamhaus.org via spamhaus's sbl (untested) #R3 $: $&{client_addr} #R::ffff:$-.$-.$-.$- $: $(host $4.$3.$2.$1.sbl.spamhaus.org. $: OK $) #R$-.$-.$-.$- $: $(host $4.$3.$2.$1.sbl.spamhaus.org. $: OK $) #ROK $: 4 #R$+ $#error $@ 5.7.1 $: " Mail from " $(dequote "" $&{client_addr} $)" refused see http://www.spamhaus.org for details. #dnsbl.end #dnsbl Level 1 spews.org via l1.spews.dnsbl.sorbs.net #R4 $: $&{client_addr} #R::ffff:$-.$-.$-.$- $: $(host $4.$3.$2.$1.l1.spews.dnsbl.sorbs.net. $: OK $) #R$-.$-.$-.$- $: $(host $4.$3.$2.$1.l1.spews.dnsbl.sorbs.net. $: OK $) #ROK $: 5 #R$+ $#error $@ 5.7.1 $: " Mail from SPEWS listed site "$(dequote "" $&{client_addr} $)" refused see http://spews.org/?ask="$&{client_addr} #dnsbl.end #dnsbl Level 2 spews http://www.spews.org (Note: Level 2 lists all of Level 1 and more - don't query both) #R5 $: $&{client_addr} #R::ffff:$-.$-.$-.$- $: $(host $4.$3.$2.$1.l2.spews.dnsbl.sorbs.net. $: OK $) #R$-.$-.$-.$- $: $(host $4.$3.$2.$1.l2.spews.dnsbl.sorbs.net. $: OK $) #ROK $: 6 #R$+ $#error $@ 5.7.1 $: " Mail from SPEWS listed site "$(dequote "" $&{client_addr} $)" refused see http://spews.org/?ask="$&{client_addr} #dnsbl.end #dnsbl DUHL http://www.dnsbl.sorbs.net/ Dynamic IP Address blocks #R7 $: $&{client_addr} #R::ffff:$-.$-.$-.$- $: $(host $4.$3.$2.$1.dul.dnsbl.sorbs.net. $: OK $) #R$-.$-.$-.$- $: $(host $4.$3.$2.$1.dul.dnsbl.sorbs.net. $: OK $) #ROK $: 8 #R$+ $#error $@ 5.7.1 $: " Mail from DUHL listed site "$(dequote "" $&{client_addr} $)" refused see http://dnsbl.sorbs.net/lookup.shtml?"$&{client_addr} #dnsbl.end