1Mail::SpamAssassin::PluUgsienr::CUoRnItLroicbaultBeLdM(a3Pi)elr:l:SDpoacmuAmsesnatsastiino:n:Plugin::URILocalBL(3)
2
3
4

NAME

6       URILocalBL - blacklist URIs using local information (ISP names, address
7       lists, and country codes)
8

SYNOPSIS

10       This plugin creates some new rule test types, such as "uri_block_cc",
11       "uri_block_cidr", and "uri_block_isp".  These rules apply to the URIs
12       found in the HTML portion of a message, i.e. <a href=...> markup.
13
14         loadplugin    Mail::SpamAssassin::Plugin::URILocalBL
15
16       Why local blacklisting? There are a few excellent, effective, and well-
17       maintained DNSBL's out there. But they have several drawbacks:
18
19       • blacklists can cover tens of thousands of entries, and you can't
20         select which ones you use;
21
22       • verifying that it's correctly configured can be non-trivial;
23
24       • new blacklisting entries may take a while to be detected and entered,
25         so it's not instantaneous.
26
27       Sometimes all you want is a quick, easy, and very surgical blacklisting
28       of a particular site or a particular ISP. This plugin is defined for
29       that exact usage case.
30

RULE DEFINITIONS AND PRIVILEGED SETTINGS

32       The format for defining a rule is as follows:
33
34         uri_block_cc SYMBOLIC_TEST_NAME cc1 cc2 cc3 cc4
35
36       or:
37
38         uri_block_cont SYMBOLIC_TEST_NAME co1 co2 co3 co4
39
40       or:
41
42         uri_block_cidr SYMBOLIC_TEST_NAME a.a.a.a b.b.b.b/cc d.d.d.d-e.e.e.e
43
44       or:
45
46         uri_block_isp SYMBOLIC_TEST_NAME "DataRancid" "McCarrier" "Phishers-r-Us"
47
48       Example rule for matching a URI in China:
49
50         uri_block_cc TEST1 cn
51
52       This would block the URL http://www.baidu.com/index.htm.  Similarly, to
53       match a Spam-haven netblock:
54
55         uri_block_cidr TEST2 65.181.64.0/18
56
57       would match a netblock where several phishing sites were recently
58       hosted.
59
60       And to block all CIDR blocks registered to an ISP, one might use:
61
62         uri_block_isp TEST3 "ColoCrossing"
63
64       if one didn't trust URL's pointing to that organization's clients.
65       Lastly, if there's a country that you want to block but there's an
66       explicit host you wish to exempt from that blacklist, you can use:
67
68         uri_block_exclude TEST1 www.baidu.com
69
70       if you wish to exempt URL's referring to this host. The same syntax is
71       applicable to CIDR and ISP blocks as well.
72

DEPENDENCIES

74       The Country-Code based filtering requires the Geo::IP or GeoIP2 module,
75       which uses either the fremium GeoLiteCountry database, or the
76       commercial version of it called GeoIP from MaxMind.com.
77
78       The ISP based filtering requires the same module, plus the GeoIPISP
79       database.  There is no fremium version of this database, so commercial
80       licensing is required.
81
82       uri_country_db_path STRING
83         This option tells SpamAssassin where to find the MaxMind country
84         GeoIP2 database. Country or City database are both supported.
85
86       uri_country_db_isp_path STRING
87         This option tells SpamAssassin where to find the MaxMind isp GeoIP2
88         database.
89
90
91
92perl v5.32.1                      2021M-a0i4l-:1:4SpamAssassin::Plugin::URILocalBL(3)
Impressum