Differences between revisions 3 and 4
Revision 3 as of 2009-09-20 23:16:15
Size: 966
Editor: localhost
Comment: converted to 1.6 markup
Revision 4 as of 2015-03-10 20:47:16
Size: 1884
Editor: KevinMcGrail
Comment: Bug 7147
Deletions are marked like this. Additions are marked like this.
Line 18: Line 18:
=== Common Problems ===

If this rule triggers based on mails received from large mail providers (eg.
United Internet / GMX or Google), chances are that SpamAssassin has a wrong
view of what constitutes the local network. Unless SpamAssassin runs on, for
example, a United Internet server, the `Received:` lines indicating that some
United Internet server has taken up the message from a dynamic IP (no matter
what that line says about authentication credentials) should not be evaluated;
RCVD_IN_PBL is a last_internal rule. (It should trigger, however, if a server
under local administration has accepted the message from a dynamic IP without
indicating that proper authentication has happened).

In such situations, make sure that the TrustPath is configured correctly, and
that SpamAssassin is actually working on the right headers (which can be an
issue with some spamass-milter configurations).

SpamAssassin Rule: <RCVD_IN_PBL>

Standard description: Received via a relay in Spamhaus PBL

Explanation

The PBL official page and description is here and that page can also be used to look up an IP in the PBL.

The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server, except those provided for specifically by an ISP for that customer's use. The PBL helps networks enforce their Acceptable Use Policy for dynamic and non-MTA customer IP ranges.

In other words, it lists IP addresses that are not expected to host a normal mail server, and the PBL has Self-Service removal and IP owner management mechanisms.

Further Info

The default scores for this rule can be found in the online list of tests.

Common Problems

If this rule triggers based on mails received from large mail providers (eg. United Internet / GMX or Google), chances are that SpamAssassin has a wrong view of what constitutes the local network. Unless SpamAssassin runs on, for example, a United Internet server, the Received: lines indicating that some United Internet server has taken up the message from a dynamic IP (no matter what that line says about authentication credentials) should not be evaluated; RCVD_IN_PBL is a last_internal rule. (It should trigger, however, if a server under local administration has accepted the message from a dynamic IP without indicating that proper authentication has happened).

In such situations, make sure that the TrustPath is configured correctly, and that SpamAssassin is actually working on the right headers (which can be an issue with some spamass-milter configurations).


CategoryRule

Rules/RCVD_IN_PBL (last edited 2015-03-10 20:47:16 by KevinMcGrail)