SpamAssassin Usage

URIBL_BLACK & URIBL_GREY

To utilize our lists in SpamAssasin, add the following ruleset to your local configuration directory (ie /etc/mail/spamassassin). Make sure your set your scoring appropriately.

NOTE: If you are using SA 3.0.0 or lower, change the rule from body to header! Or better yet, UPGRADE!

urirhssub       URIBL_BLACK  multi.uribl.com.        A   2
body            URIBL_BLACK  eval:check_uridnsbl('URIBL_BLACK')
describe        URIBL_BLACK  Contains an URL listed in the URIBL blacklist
tflags          URIBL_BLACK  net
score           URIBL_BLACK  3.0

urirhssub       URIBL_GREY  multi.uribl.com.        A   4
body            URIBL_GREY  eval:check_uridnsbl('URIBL_GREY')
describe        URIBL_GREY  Contains an URL listed in the URIBL greylist
tflags          URIBL_GREY  net
score           URIBL_GREY  0.25

URIBL_GOLD

URIBL Gold is integrated in the multi.txt zone file provided to datafeed users. This zone file contains domains that we believe will appear in future spam email, and can be utilize in SpamAssassin by pointing this rule to your local multi zone. No default score is assigned, please test its accuracy on your network before assigning it a score!

urirhssub       URIBL_GOLD  multi.your-domain.tld.        A   16
body            URIBL_GOLD  eval:check_uridnsbl('URIBL_GOLD')
describe        URIBL_GOLD  Contains an URL listed in the URIBL greylist
tflags          URIBL_GOLD  net
# score         URIBL_GOLD  3.0
score           URIBL_GOLD  0.01

URIBL_BLACK_NS

Datafeed users have the ability to load the black_ns.txt zone locally to utilize this rule.

# Example SpamAssassin Rule usage
#   - urifullnsrhssub requires SpamAssassin 3.3x or higher! 
#   - Change blackns.your-domain.tld to the host you have this data loaded in
#   - Rescore from 0.01 after testing effectiveness on your mail flow
urifullnsrhssub	URIBL_BLACK_NS        blackns.your-domain.tld.  A 2
body            URIBL_BLACK_NS        eval:check_uridnsbl('URIBL_BLACK_NS')
tflags          URIBL_BLACK_NS        net
# score         URIBL_BLACK_NS        3.0
score           URIBL_BLACK_NS        0.01

URIBL_BLACK_NSIP

Datafeed users have the ability to load the black_nsip.txt zone locally to utilize this rule.

# Example SpamAssassin Rule usage
#  - This rule will work in all SpamAssassin versions, as it works in the same 
#    fasion as the Spamhaus SBL rule (URIBL_SBL).
#  - Change blacknsip.your-domain.tld to the host you have this data loaded in
#  - Rescore from 0.01 after testing effectiveness on your mail flow 
uridnsbl         URIBL_BLACK_NSIP         blacknsip.your-domain.tld.  A
body             URIBL_BLACK_NSIP         eval:check_uridnsbl('URIBL_BLACK_NSIP')
tflags           URIBL_BLACK_NSIP         net
# score          URIBL_BLACK_NSIP         3.0
score            URIBL_BLACK_NSIP         0.01

URIBL_BLACK_A

Datafeed users have the ability to load the black_a.txt zone locally to utilize this rule.

# Example SpamAssassin Rule usage
#   - requires SpamAssassin 3.4x or higher! 
#   - Change blacka.your-domain.tld to the host you have this data loaded in
#   - Rescore from 0.01 after testing effectiveness on your mail flow 
uridnsbl        URIBL_BLACK_A   blacka.your-domain.tld.   A
body            URIBL_BLACK_A   eval:check_uridnsbl('URIBL_BLACK_A')
describe        URIBL_BLACK_A   Contains a URL's A listed in the URIBL_BLACK_A blocklist
tflags          URIBL_BLACK_A   net a
# score         URIBL_BLACK_A   3.0
score           URIBL_BLACK_A   0.01