Resolved Spamassasin with DNSBL, avoiding URIBL_BLOCKED

[Sunday87]

I just want to share a little something I have learned today and maybe get some feedback if what I did is improper or something. I could not find any howto using the same very simple approach to fixing my issue.

I recently set up a new VPS instance with Ubuntu 18.04 and Plesk Onyx, for some Web- and Email-hosting. I noticed that most incoming mail had the tag URIBL_BLOCKED in their Spamassassin results, hinting that DNSBL was not working as expected. I quickly found the reason: DNS resolving was done through my Hosters DNS cache, which was exceeding the DNSBL providers fair use policy.

The generally proposed workaround is to setup dnsmasq as a caching DNS server. I did not like that idea, because there already was bind running by default on my server, which in its default configuration would handle dns requests comming from the localhost (on 127.0.0.1). However, /etc/resolv.conf pointed to systemd-resolved instead (running on 127.0.0.53), which would forward requests to my Hosters DNS cache.

So simpy by adding a file 65_dns.cf containing

dns_server 127.0.0.1

to /etc/spamassassin, I managed to make spamassassin use bind to resolve DNSBL requests, bypassing my ISPs DNS cache and making DNSBL work properly.

 

[sweetp]

nice and simple fix,
thanks!

 

[tramvainqueur]

Thank you for this proposition as a for plesk systems clean and astonishingly simple fix. After a reboot, plesk did not eliminate this change.

I confirm that in email headers this URIBL_BLOCKED and RCVD_IN_DNSWL_BLOCKED and surely others similar do not appear again.
Personal experiense: An email account has noticeable less spam.

For search engines I write the correct word SpamAssassin.

For others reading this post: This proposal of @Sunday87 should work for almost all using Spamassassin as Spamfiltersystem. This fix does not require plesk as server management. And the preconfigured dns resolver like bind or other can not be messed up as this is possible in proposals by other websites for avoiding URIBL_BLOCKED and RCVD_IN_DNSWL_BLOCKED and surely others, too. Therefore I also recommend this proposition.

I repeat what has to be done for the realization of the proposition:
Take care: all as root or with

sudo

beforehand for every command

- Type

touch /etc/spamassassin/65_dns.cf

.
- Then

vim /etc/spamassassin/65_dns.cf

- Type

i

on keyboard to get in edit mode of vim for adding

dns_server 127.0.0.1

. Then to exit editing mode of vim, type

[button ESC]

.
- For saving and quitting vim, type

:wq

.
- I do not know if following is needed, but to be sure this change will be considered in the future, restart spamfilter (hopefully this is sufficient with typing

/etc/init.d/spamassassin restart

or

service spamassassin restart

, but to be sure, just reboot whole server with

reboot

, if you do not mind that uptime will be reset).

for sake of completeness: practically using: Ubuntu 22.04 LTS with Plesk 18.0.49, which runs SpamAssassin 3.4.6