MailScanner ANNOUNCE: ac.uk users of Spamhaus zones
Anthony Peacock
a.peacock at chime.ucl.ac.uk
Wed Apr 23 12:49:59 IST 2008
Hu Julian,
Many thanks for this. I was aware (and use) the JANet subscription to
the MAPS+ lists, but wasn't aware of the Spamhaus list feeds.
Your DNS forwarder solution makes this very neat indeed, and I have
adopted it today.
Julian Field wrote:
> This is only relevant to users of the Spamhaus zones (i.e. anyone using
> SpamAssassin or MailScanner) who are connected to JANet.
>
> The JANet mail team already have a subscription to the Spamhaus zones,
> which they provide under different names on their own DNS servers, which
> are accessible to all JANet sites.
>
> However, the problem with that is that you have to redefine all the
> SpamAssassin rules that use these zones in order to use their different
> names. This totally breaks the ability to use sa-update every night (and
> update_spamassassin) in order to automatically fetch new rulesets. Which
> is a real pain.
>
> So I asked them to provide the zones under their original names as well,
> so all we needed were 4 entries in our named.conf files to forward the
> zones to the JANet servers instead of the original Spamhaus servers
> which it will do by default.
>
> My request has been answered :-)
>
> So now they have 6 DNS servers (which are all listed in the A records
> for ns.mail-abuse.ja.net.) which provide the 4 main spamhaus zones under
> their original names.
> So you can put your SpamAssassin rules back to how they were by default,
> and just tweak your named.conf by adding this:
>
> zone "sbl.spamhaus.org" {
> type forward;
> forward only;
> // JKF 2008-04-22 Using Janet-provided copy of the zone.
> forwarders { 194.82.174.182; 194.83.56.228; 194.83.56.244;
> 128.86.8.85; 128.86.8.120; 128.86.8.245; };
> }; zone "pbl.spamhaus.org" {
> type forward;
> forward only;
> // JKF 2008-04-22 Using Janet-provided copy of the zone.
> forwarders { 194.82.174.182; 194.83.56.228; 194.83.56.244;
> 128.86.8.85; 128.86.8.120; 128.86.8.245; };
> }; zone "xbl.spamhaus.org" {
> type forward;
> forward only;
> // JKF 2008-04-22 Using Janet-provided copy of the zone.
> forwarders { 194.82.174.182; 194.83.56.228; 194.83.56.244;
> 128.86.8.85; 128.86.8.120; 128.86.8.245; };
> };
> zone "zen.spamhaus.org" {
> type forward;
> forward only;
> // JKF 2008-04-22 Using Janet-provided copy of the zone.
> forwarders { 194.82.174.182; 194.83.56.228; 194.83.56.244;
> 128.86.8.85; 128.86.8.120; 128.86.8.245; };
> };
>
> Once a month or so, you should check the list of IP addresses you give
> in the lines above against what you get from the command
> dig ns.mail-abuse.ja.net. A
> to make sure your list of IP addresses is up to date. I have asked them
> to set up an announcements mailing list for us to join so that we get
> notification of any changes to the list of IP addresses. I'll let you
> know what I hear about this.
>
> They will shortly update their web pages to reflect this new service.
>
> I hope this is useful to all the ac.uk sites out there!
>
> Jules
>
--
Anthony Peacock
CHIME, Royal Free & University College Medical School
WWW: http://www.chime.ucl.ac.uk/~rmhiajp/
Study Health Informatics - Modular Postgraduate Degree
http://www.chime.ucl.ac.uk/study-health-informatics/
More information about the MailScanner
mailing list