43
Meaning parameters used:
1) server - DNSBL server name
2) response - DNSBL server response if IP address/domain was found (standard responses are
127.0.0.2, 127.0.0.3, 127.0.0.4., etc.). This parameter is optional, and if not set, all answers will
be considered.
3) offset - value from 0 to 100. Influences overall spam score. Standard value is 100, i.e. in case
of a positive check the message is assigned the spam score of 100 and is evaluated as spam.
Negative values lower the overall spam score of a message. Expect the 0 value also with
messages from senders in the
approvedsenders
file and the value 100 with messages from
senders in the
blockedsenders
file (see below).
DNSBL checks can have negative influence on server performance due to the fact that every
domain/IP address from the message body is checked against all defined DNSBL servers and
every single check requires processing a DNS server request. You can reduce the impact on
system resources by deploying a DNS cache server for this purpose. For the same reason the
non-routable IP addresses (10.x.x.x, 127.x.x.x, 192.168.x.x) are also omitted from DNSBL
checks.
Example 1:
dnsbl_list=ent.adbl.org
DNSBL check is realized against the
ent.adbl.org
server and if there is a positive the message
will be assigned the default offset 100, in other words it will be marked as spam.
Example 2:
dnsbl_list=ent.adbl.org::60
DNSBL check is performed using the
ent.adbl.org
server. If the check is positive, the message
will be assigned an offset of 60 which increases its overall spam score.
Example 3:
dnsbl_list=bx9.dbl.com::85, list.dnb.org:127.0.0.4:35, req.gsender.org::-75
DNSBL check is performed using the defined servers (from left to right). In case of a positive
check on
bx9.dbl.com
the offset of 85 will be added. If the check on
list.dnb.org
will be
positive giving a response of
127.0.0.4
an offset of 35 will be used. No offset will be applied in
cases of answers other than 127.0.0.4. If a check is positive on
req.gsender.org
the spam
score will be decreased by 75 points (negative value).
home_country_list
List of countries, that will be considered "home". Messages routed through a country not on
this list will be evaluated using more strict rules (higher spam score will be applied). Entry
format for countries is their two character code in compliance with ISO 3166.
home_language_list
List of preferred languages - i.e. languages that are the most used in your email messages.
Such messages will be evaluated using less strict rules (lower spam score). Entry format for
languages is their two character code in compliance with ISO 639.
custom_rules_list
Allows to define custom lists of rules and store each to an individual file. Each rule is stored on
a separate line in the file and the following format is used:
Phrase
,
Type
,
Confidence
,
CaseSensitivity
Phrase
- any text, must not contain commas (,)
Type
- can have the following values: SPAM, PHISH, BOUNCE, ADULT, FRAUD. If you enter
other value that those listed above, the SPAM value will be used automatically. SPAM defines
phrases that occurr in classical spam messages (offers of goods and services). PHISH are
phrases occurring in fraudulent messages (phishing), that are aimed at extraction of
confidential data (names, passwords, credid card numbers, etc.) from users. BOUNCE are
phrases used in automatic server responses - Non-Delivery Notification (used when spoofing
sender's address). ADULT represents phrases typical for messages offering pornographical
content. FRAUD stands for phrases used in fraudulent emails (scam) offering suspicious
banking operations (money transfers via your account etc.). Typical representant of this spam
type is the so-called Nigerian spam.
Confidence
- value from 0 to 100. Defines percentual probability of the phrase to be member
of a specific spam category (listed above). If the Type PHISH has the Confidence 90, there is a
very high probability of the phrase being used in phishing messages. The higher the
Confidence score, the bigger impact it exerts on the overall spam score of the message. The
Confidence value of 100 presents a special case, where the message spam score will also be
100, i.e. message will be marked as 100% spam. Analogically, if the value is 0, the message will
