Enabling DNSBLs at the mail server level (recommended)
Most people will want to enable DNSBLs at the mail server level because it is the most efficient method.
- Navigate to Warden -> Settings -> Mail Server Settings -> DNSBLs -> check Turn on spam protection based on DNS blackhole lists. Custom entries can be added to the select list by entering the DNSBL name then pressing the space bar.
- We recommend selecting the following DNSBLs: zen.spamhaus.org, b.barracudacentral.org, psbl.surriel.com
- Warning: Do not use zen.spamhaus.org if your server uses public DNS resolvers.
Using the Command Line Interface
Admins can also use the Warden command line interface to add DNSBLs. You can view the available options using:
warden --task=mailserver:mailserver --help
Example:
warden --task=mailserver:mailserver --dnsbls_enabled=true --dnsbls=zen.spamhaus.org,b.barracudacentral.org,psbl.surriel.com
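Added example (not part of the Warden documentation): a pre-flight check, run on the mail server itself, that each DNSBL zone answers through the server's own resolver, which is what the public-resolver warning above is about. It queries the 127.0.0.2 test entry that RFC 5782 requires every IPv4 DNSBL to list and assumes dig is installed; the function names are made up for this example, and treating 127.255.255.x answers as errors follows Spamhaus's documented return codes.

```sh
#!/bin/sh
# Added example: check that DNSBL zones answer via this server's resolver.

# Build the query name for an IPv4 address: octets reversed, zone appended.
dnsbl_query_name() {
    ip=$1 zone=$2
    old_ifs=$IFS; IFS=.
    set -- $ip            # split the address on dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.%s\n' "$4" "$3" "$2" "$1" "${zone%.}"
}

# Classify the first A record returned for the test entry.
dnsbl_classify() {
    case $1 in
        ''|';;'*)      echo no-answer ;;   # NXDOMAIN, timeout or resolver failure
        127.255.255.*) echo refused ;;     # Spamhaus error codes, e.g. .254 = public resolver
        127.*)         echo ok ;;          # normal listing answer
        *)             echo unexpected ;;  # non-127.x answer, e.g. a resolver rewriting NXDOMAIN
    esac
}

# Look up the 127.0.0.2 test entry in one zone and print the verdict.
check_zone() {
    name=$(dnsbl_query_name 127.0.0.2 "$1") || return 1
    answer=$(dig +short A "$name" 2>/dev/null | head -n 1)
    printf '%-26s %-10s %s\n' "$1" "$(dnsbl_classify "$answer")" "${answer:-none}"
}

# Live lookups happen only when zones are passed as arguments.
for zone in "$@"; do
    check_zone "$zone"
done
```

Saved under a name of your choice and run with the three recommended zones as arguments, every zone should report ok; a refused result for zen.spamhaus.org means the queries are reaching Spamhaus through a resolver it does not serve.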
Enabling DNSBLs at the content filter level (advanced users only)
Advanced users can add DNSBLs for use directly by Amavis. This is less efficient than the method above, but it lets Amavis evaluate the message (respecting Policy whitelists) instead of the mail server blocking it completely.
To add a custom DNSBL for use by Amavis, you need to edit the SpamAssassin config at /etc/mail/spamassassin/local.cf. You will need to add a block for each DNSBL you wish to add, for example:
header DNSBL_CUSTOM_1 eval:check_rbl('dnsrbl','dnsrbl.org.')
describe DNSBL_CUSTOM_1 Entries listed in dnsrbl.org DNSBL
tflags DNSBL_CUSTOM_1 net
score DNSBL_CUSTOM_1 3.25
DNSBL_CUSTOM_1 is the rule name and can be whatever you want; just keep it the same on each line (spaces are not allowed and it must be less than 50 chars). You can use either the eval:check_rbl or the eval:check_rbl_txt function to perform a lookup. TXT records are a more recent addition to RBL lists that bring back a bit of textual information about the listing, although this is usually just a URL to where the information is available. Both functions require a minimum of two arguments. The first argument is used for more complex sub-query handling. It can effectively be whatever you want, but keep it unique. The second argument is the DNS zone that actually provides the DNSBL functionality. This must end in a ".".
Restart Amavis after you add your entries:
# CentOS/RHEL/AlmaLinux/CloudLinux
systemctl restart amavisd
# Debian/Ubuntu
systemctl restart amavis