How to disable Validity RBL lookups in SpamAssassin

M

Mudgee Host

Active Member
Proxmox Subscriber
Jan 24, 2021
23
4
43
56
Hi,

Spamassassin uses the validity RBL by default. I am exceeding the 10k limit and have no interesting in subscribing to validity.
Code: 
RCVD_IN_VALIDITY_RPBL_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked.  See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information.

How do I stop SpamAssassin from querying this RBL?

cpanel has some instructions up, not sure if they translate to proxmox MG or not.
https://support.cpanel.net/hc/en-us...stop-SpamAssassin-from-querying-Validity-RBLs
 
I have same problem RCVD_IN_VALIDITY_CERTIFIED_BLOCKED, RCVD_IN_VALIDITY_RPBL_BLOCKED and RCVD_IN_VALIDITY_SAFE_BLOCKED

pmg pmg-smtp-filter[2598607]: WARNING: check: dns_block_rule RCVD_IN_VALIDITY_SAFE_BLOCKED hit, creating /root/.spamassassin/dnsblock_sa-accredit.habeas.com (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny sa-accredit.habeas.com" to disable queries)
pmg pmg-smtp-filter[2598607]: WARNING: check: dns_block_rule RCVD_IN_VALIDITY_RPBL_BLOCKED hit, creating /root/.spamassassin/dnsblock_bl.score.senderscore.com (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny bl.score.senderscore.com" to disable queries)
pmg-smtp-filter[1756808]: WARNING: check: dns_block_rule RCVD_IN_VALIDITY_CERTIFIED_BLOCKED hit, creating /root/.spamassassin/dnsblock_sa-trusted.bondedsender.org (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny sa-trusted.bondedsender.org" to disable queries)

so I edited /etc/pmg/templates/local.cf.in

add

dns_query_restriction deny multi.uribl.com
dns_query_restriction deny bl.score.senderscore.com
dns_query_restriction deny sa-accredit.habeas.com
dns_query_restriction deny sa-trusted.bondedsender.org

pmgconfig sync --restart 1
 
Last edited:
AlexHK said:
I believe you have to create a new custom.cf file in /etc/mail/spamassassin/, then add the block to disable your specific RBL there.
Click to expand...

Thanks yes that has worked.
for anyone else wishing to do the same thing

check SpamAssassin is running version 3.4 or greater
Code: 
# spamassassin -V

create / edit the SpamAssassin custom config and add the following lines to it
Code: 
vi /etc/mail/spamassassin/custom.cf
dns_query_restriction deny sa-trusted.bondedsender.org
dns_query_restriction deny sa-accredit.habeas.com
dns_query_restriction deny bl.score.senderscore.com
Click to expand...

restart the filter
Code: 
systemctl restart pmg-smtp-filter
 
  • Like
Reactions: AlexHK
Mudgee Host said:
I signed up at the time but got cold feet when their portal switched from https://my.validity.com/zone/ to https://my.validity.com/ and suddenly it was all about trials and billing.
Click to expand...
This is completly odd. Is it possible you get together free service and 14 days trial for DemandTools?

According to this Article
"Starting March 1, 2024 we will allow up to 10,000 requests per user over a 30-day time period. After 10,000 requests, users must create a MyValidity account to continue using this free service. At this level of usage, we'd simply like to know who you are – there are no fees or purchases required. Upon the creation of a MyValidity account, you will receive continued access to queries (directly or through SpamAssassin).
Click to expand...
Yesterday I registered to this service and I had no notifications about trial and billings.

If you are already registered try out this link https://my.validity.com/zone/settings?tab=account or https://my.validity.com/zone/settings?tab=ip and let me know.
 
itret said:
Is it possible you get together free service and 14 days trial for DemandTools?
Click to expand...

I'm not sure what I did. I was having a good look around. in hindsight I probably just navigated out of the 'zone' site and into the regular one and thats when a trial got launched as I was logged in but without any products

itret said:
If you are already registered try out this link https://my.validity.com/zone/settings?tab=account
Click to expand...

I see the account I setup.

out of interest, while logged in what happens when you go to https://my.validity.com/ ?
 
I figured I'd try and fix this on my setup, as I keep getting:

Code: 
Jul 16 18:12:02 mailfilter pmg-smtp-filter[112488]: WARNING: check: dns_block_rule RCVD_IN_VALIDITY_RPBL_BLOCKED hit, creating /root/.spamassassin/dnsblock_bl.score.senderscore.com (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny bl.score.senderscore.com" to disable queries)
Jul 16 18:12:02 mailfilter pmg-smtp-filter[112488]: WARNING: check: dns_block_rule RCVD_IN_VALIDITY_SAFE_BLOCKED hit, creating /root/.spamassassin/dnsblock_sa-accredit.habeas.com (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny sa-accredit.habeas.com" to disable queries)
Jul 16 18:12:02 mailfilter pmg-smtp-filter[112488]: WARNING: check: dns_block_rule RCVD_IN_VALIDITY_CERTIFIED_BLOCKED hit, creating /root/.spamassassin/dnsblock_sa-trusted.bondedsender.org (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny sa-trusted.bondedsender.org" to disable queries)

I did try to set up an account with validity.com - added my IP addresses, but still keep getting these errors - likely because its a difference list....
 
CRCinAU said:
I figured I'd try and fix this on my setup, as I keep getting:

Code: 
Jul 16 18:12:02 mailfilter pmg-smtp-filter[112488]: WARNING: check: dns_block_rule RCVD_IN_VALIDITY_RPBL_BLOCKED hit, creating /root/.spamassassin/dnsblock_bl.score.senderscore.com (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny bl.score.senderscore.com" to disable queries)
Jul 16 18:12:02 mailfilter pmg-smtp-filter[112488]: WARNING: check: dns_block_rule RCVD_IN_VALIDITY_SAFE_BLOCKED hit, creating /root/.spamassassin/dnsblock_sa-accredit.habeas.com (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny sa-accredit.habeas.com" to disable queries)
Jul 16 18:12:02 mailfilter pmg-smtp-filter[112488]: WARNING: check: dns_block_rule RCVD_IN_VALIDITY_CERTIFIED_BLOCKED hit, creating /root/.spamassassin/dnsblock_sa-trusted.bondedsender.org (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny sa-trusted.bondedsender.org" to disable queries)

I did try to set up an account with validity.com - added my IP addresses, but still keep getting these errors - likely because its a difference list....
Click to expand...
Just try to wait few hours, it dosn't work stright away.
 
Sorry to kick this older topic, but I seem to have the same issue. I'm on a fresh install of PMG 9.0.6 and every message I receive albeit spam or non-spam, contains these three headers:

Code: 
    RCVD_IN_VALIDITY_CERTIFIED_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked.  See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information.
    RCVD_IN_VALIDITY_RPBL_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked.  See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information.
    RCVD_IN_VALIDITY_SAFE_BLOCKED  0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked.  See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information.
Is there a way to only disable these three rules and leave the rest of the RBL checking enabled?

I already tried to create an account at https://my.validity.com/zone and managed to add my IP address. But when I try to login again it now tells me I do not have a license for this product and it kicks me out.

EDIT Logging into validity in a private browser works and I can see my IP address is registered, but the headers still remain in every message.
 
Last edited:
Same problem, but i got it a little more bad. Same three rules applied, but somehow it put summarily more than 2 points to the messages, and that's a problem, because it makes almost every message 3 or above points

Code: 
WARNING: check: dns_block_rule RCVD_IN_VALIDITY_SAFE_BLOCKED hit, creating /root/.spamassassin/dnsblock_sa-accredit.habeas.com (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny sa-accredit.habeas.com" to disable queries)
WARNING: check: dns_block_rule RCVD_IN_VALIDITY_RPBL_BLOCKED hit, creating /root/.spamassassin/dnsblock_bl.score.senderscore.com (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny bl.score.senderscore.com" to disable queries)
WARNING: check: dns_block_rule RCVD_IN_VALIDITY_CERTIFIED_BLOCKED hit, creating /root/.spamassassin/dnsblock_sa-trusted.bondedsender.org (This means DNSBL blocked you due to too many queries. Set all affected rules score to 0, or use "dns_query_restriction deny sa-trusted.bondedsender.org" to disable queries)
40D9B699EBC5F0C78B: SA score=3/5 time=5.555 bayes=undefined autolearn=disabled hits=ARC_SIGNED(0.001),ARC_VALID(0.001),DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),DMARC_PASS(-0.1),HTML_FONT_SIZE_HUGE(0.001),HTML_MESSAGE(0.001),MISSING_HEADERS(1.207),RCVD_IN_DNSWL_LOW(-0.7),RCVD_IN_VALIDITY_CERTIFIED_BLOCKED(1.113),RCVD_IN_VALIDITY_RPBL_BLOCKED(0.358),RCVD_IN_VALIDITY_SAFE_BLOCKED(0.659),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_FILL_THIS_FORM_SHORT(0.01),URI_DATA(1),URI_TRUNCATED(0.001)

I did no changes to default spamassassin rule points. Installation was in-place upgraded from PMG8, btw
Current version is
pmg-api/9.0.6/0a1e7f1cf8f3 (running kernel: 6.14.11-4-pve)

I already registered to Validity and added all the IPs one hour ago, but still no changes.
I really don't want to disable anything, but this is the emergency case. Why so many points? Thanks
 
Last edited:
  • Like
Reactions: af7567
I disabled this and other services by adding the following lines to /etc/mail/spamassaassin/custom.cf

dns_query_restriction deny bl.score.senderscore.com
dns_query_restriction deny sa-accredit.habeas.com
dns_query_restriction deny sa-trusted.bondedsender.org
dns_query_restriction deny multi.uribl.com
dns_query_restriction deny dbl.spamhaus.org
 
  • Like
Reactions: arukashi
I have been ignoring this message for a long time since creating a validity account and registering the IP of the DNS server doesn't make any difference for me. But today I noticed the spam score is much higher than 0.001:

Code: 
RCVD_IN_VALIDITY_CERTIFIED_BLOCKED  0.618 ADMINISTRATOR NOTICE: The query to Validity was blocked.  See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information.  
RCVD_IN_VALIDITY_RPBL_BLOCKED  0.734 ADMINISTRATOR NOTICE: The query to Validity was blocked.  See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information.
RCVD_IN_VALIDITY_SAFE_BLOCKED   0.78 ADMINISTRATOR NOTICE:

I haven't set any custom scores for these rules, this was done automatically and sent a few things to spam which shouldn't have been.


edit: It also seems like the myvalidity free account is no longer a thing. If I try to login there to check the IP addresses I get told I don't have a license for this product and can't continue.
 
Last edited:
At the end creating validity.com account helped my problem, for now
But the main problem i guess is that it is too much points, mail agent blocked by RBL service is not the message problem itself

looks like its connected with the latest SA update, i did a little file system research and found this inside the file /var/lib/spamassassin/4.000002/updates_spamassassin_org/72_scores.cf
score RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 1.113 0.001 1.113

that is the only place where i could find it
 
You must log in or register to reply here.
Top Bottom
Back