MailScanner ANNOUNCE: ac.uk users of Spamhaus zones
Julian Field
MailScanner at ecs.soton.ac.uk
Tue Apr 22 21:06:25 IST 2008
This is only relevant to users of the Spamhaus zones (i.e. anyone using
SpamAssassin or MailScanner) who are connected to JANet.
The JANet mail team already have a subscription to the Spamhaus zones,
which they provide under different names on their own DNS servers, which
are accessible to all JANet sites.
However, the problem with that is that you have to redefine all the
SpamAssassin rules that use these zones in order to use their different
names. This totally breaks the ability to use sa-update every night (and
update_spamassassin) in order to automatically fetch new rulesets. Which
is a real pain.
So I asked them to provide the zones under their original names as well,
so all we needed were 4 entries in our named.conf files to forward the
zones to the JANet servers instead of the original Spamhaus servers
which it will do by default.
My request has been answered :-)
So now they have 6 DNS servers (which are all listed in the A records
for ns.mail-abuse.ja.net.) which provide the 4 main spamhaus zones under
their original names.
So you can put your SpamAssassin rules back to how they were by default,
and just tweak your named.conf by adding this:
zone "sbl.spamhaus.org" {
type forward;
forward only;
// JKF 2008-04-22 Using Janet-provided copy of the zone.
forwarders { 194.82.174.182; 194.83.56.228; 194.83.56.244;
128.86.8.85; 128.86.8.120; 128.86.8.245; };
};
zone "pbl.spamhaus.org" {
type forward;
forward only;
// JKF 2008-04-22 Using Janet-provided copy of the zone.
forwarders { 194.82.174.182; 194.83.56.228; 194.83.56.244;
128.86.8.85; 128.86.8.120; 128.86.8.245; };
};
zone "xbl.spamhaus.org" {
type forward;
forward only;
// JKF 2008-04-22 Using Janet-provided copy of the zone.
forwarders { 194.82.174.182; 194.83.56.228; 194.83.56.244;
128.86.8.85; 128.86.8.120; 128.86.8.245; };
};
zone "zen.spamhaus.org" {
type forward;
forward only;
// JKF 2008-04-22 Using Janet-provided copy of the zone.
forwarders { 194.82.174.182; 194.83.56.228; 194.83.56.244;
128.86.8.85; 128.86.8.120; 128.86.8.245; };
};
Once a month or so, you should check the list of IP addresses you give
in the lines above against what you get from the command
dig ns.mail-abuse.ja.net. A
to make sure your list of IP addresses is up to date. I have asked them
to set up an announcements mailing list for us to join so that we get
notification of any changes to the list of IP addresses. I'll let you
know what I hear about this.
They will shortly update their web pages to reflect this new service.
I hope this is useful to all the ac.uk sites out there!
Jules
--
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner-announce
mailing list