NAME
URILocalBL - blocklist URIs using local information (ISP names, address lists, and country codes)
SYNOPSIS
This plugin creates some new rule test types, such as "uri_block_cc", "uri_block_cidr", and "uri_block_isp". These rules apply to the URIs found in the HTML portion of a message, i.e. <a href=...> markup.
  loadplugin Mail::SpamAssassin::Plugin::URILocalBL
Why local blocklisting? There are a few excellent, effective, and well-maintained DNSBLs out there. But they have several drawbacks:
  * blocklists can cover tens of thousands of entries, and you can't select which ones you use;
  * verifying that it's correctly configured can be non-trivial;
  * new blocklisting entries may take a while to be detected and entered, so it's not instantaneous.
Sometimes all you want is a quick, easy, and very surgical blocklisting of a particular site or a particular ISP. This plugin is designed for exactly that use case.
RULE DEFINITIONS AND PRIVILEGED SETTINGS
The format for defining a rule is as follows:
  uri_block_cc SYMBOLIC_TEST_NAME cc1 cc2 cc3 cc4 ..
  uri_block_cc SYMBOLIC_TEST_NAME !cc1 !cc2 ..
or:
  uri_block_cont SYMBOLIC_TEST_NAME co1 co2 co3 co4 ..
  uri_block_cont SYMBOLIC_TEST_NAME !co1 !co2 ..
or:
  uri_block_cidr SYMBOLIC_TEST_NAME a.a.a.a b.b.b.b/cc
or:
  uri_block_isp SYMBOLIC_TEST_NAME "Data Rancid" McCarrier Phishers-r-Us
Example rule for matching a URI in China:
  uri_block_cc TEST1 cn
This would block the URL http://www.baidu.com/index.htm.
If you specify a list of negations, the rule will match ANY country except the listed ones (here Finland and Sweden):
  uri_block_cc TEST1 !fi !se
The continent rule uri_block_cont works exactly the same way as uri_block_cc.
Similarly, the rule
  uri_block_cidr TEST2 65.181.64.0/18
would match a spam-haven netblock where several phishing sites were recently hosted.
And to block all CIDR blocks registered to an ISP, one might use:
  uri_block_isp TEST3 "Data Rancid" ColoCrossing
Quote ISP names containing spaces.
Lastly, if there's a country that you want to block but there's an explicit host you wish to exempt from that blocklist, you can use:
  uri_block_exclude TEST1 www.baidu.com
if you wish to exempt URLs referring to this host. The same syntax is applicable to CIDR and ISP blocks as well.
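The rule semantics described in this section, as an added Python model for checking a rule set before deployment (this is not the plugin's own Perl code). It assumes the URI host has already been resolved: the IP address and country code are passed in rather than looked up, and the rule name TEST4 and all sample hosts and addresses are constructed.

```python
import ipaddress
import shlex

# Constructed rule set in the syntax shown above (TEST4 is an added sample name).
RULES = """
uri_block_cc TEST1 cn
uri_block_cc TEST4 !fi !se
uri_block_cidr TEST2 65.181.64.0/18
uri_block_exclude TEST1 www.baidu.com
"""

def parse_rules(text):
    """Return {name: {"cc", "not_cc", "cidr", "exclude"}} from rule lines."""
    rules = {}
    for line in text.strip().splitlines():
        kind, name, *args = shlex.split(line)  # shlex keeps "quoted names" whole
        rule = rules.setdefault(
            name, {"cc": set(), "not_cc": set(), "cidr": [], "exclude": set()})
        if kind == "uri_block_cc":
            for arg in args:
                target = rule["not_cc"] if arg.startswith("!") else rule["cc"]
                target.add(arg.lstrip("!").lower())
        elif kind == "uri_block_cidr":
            rule["cidr"] += [ipaddress.ip_network(a, strict=False) for a in args]
        elif kind == "uri_block_exclude":
            rule["exclude"].update(a.lower() for a in args)
        else:
            raise ValueError(f"rule type not modelled here: {kind}")
    return rules

def hits(rules, host, ip, cc):
    """Names of the rules that fire for a URI host resolved to ip / country cc."""
    addr, cc, host = ipaddress.ip_address(ip), cc.lower(), host.lower()
    fired = []
    for name, rule in rules.items():
        if host in rule["exclude"]:
            continue  # an exempted host never fires this rule
        listed = cc in rule["cc"]
        # Negated list: match ANY country except the listed ones.
        negated = bool(rule["not_cc"]) and cc not in rule["not_cc"]
        in_block = any(addr in net for net in rule["cidr"])
        if listed or negated or in_block:
            fired.append(name)
    return sorted(fired)
```

Note that the exclusion is per rule name: www.baidu.com is exempt from TEST1 but still fires the negated rule TEST4, which is the kind of overlap worth checking before assigning scores.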
DEPENDENCIES
The Country-Code based filtering can use any Mail::SpamAssassin::GeoDB supported module like MaxMind::DB::Reader (GeoIP2) or Geo::IP. ISP based filtering might require a paid subscription database like GeoIPISP.