The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Official Zimbra news, events, releases, and updates.
User avatar
jorgedlcruz
Zimbra Alumni
Zimbra Alumni
Posts: 2769
Joined: Thu May 22, 2014 4:47 pm

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby jorgedlcruz » Wed Jan 07, 2015 3:47 am

An important announcement, AHBL is down now, so customers please don't use it, you can see the official note - http://www.ahbl.org/content/changes-ahbl.


The rhsbl.ahbl.org, dnsbl.ahbl.org, and ircbl.ahbl.org are not working anymore. This means that these services will return positive responses for any queries. More info here - http://www.ahbl.org/content/last-notice-wildcarding-services-jan-1st


See here a Community Forum - http://community.zimbra.com/collaboration/f/1886/p/1137271/1581468


So if you are using it, please remove it from your Zimbra servers.


Spamassasin have a proper autoupdate the scores and list, and should be comment the AHBL. Check it, and if you have problems with the autoupdate, please run it manually:


/opt/zimbra/libexec/zmsaupdate

If you have 8.0.6 or previous, we have a bug and you need to take a look here - https://bugzilla.zimbra.com/show_bug.cgi?id=85462


In case that you have any trouble, please edit the 50_scores.cf file and comment the lines from AHBL.


We can confirm that in 8.6, 8.5.1, 8.5 and 8.0.9 and 8.0.8 you should be able to launch this command, and see AHBL disabled:


In Zimbra 8.0.x
root@zimbra-sn-u12-01:/home/oper# more /opt/zimbra/conf/spamassassin/50_scores.cf | grep AHBL
# AHBL is closing down. disabling early. (Axb-2014-03-28)
#score DNS_FROM_AHBL_RHSBL 0 2.438 0 2.699 # n=0 n=2

In Zimbra 8.x
more /opt/zimbra/data/spamassassin/rules/50_scores.cf | grep AHBL

# AHBL is closing down. disabling early. (Axb-2014-03-28)
#score DNS_FROM_AHBL_RHSBL 0 2.438 0 2.699 # n=0 n=2


Best regards



Jorge de la Cruz https://jorgedelacruz.es
Technical Marketing Manager at Zimbra/Synacor https://www.zimbra.com/
chertel
Posts: 10
Joined: Thu Jan 08, 2015 9:12 am

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby chertel » Thu Jan 08, 2015 9:21 am

Hi Jorge,

please note that it is not sufficient to avoid using the AHBL blacklist in the MTA configuration of Zimbra.


The blacklist is enabled by default in the SpamAssassin configuration delivered with Zimbra, which is why ALL incoming mails will get additional spam points (see mail headers, e. g.: DNS_FROM_AHBL_RHSBL=2.699).

It is necessary to disable the use of this blacklist in the SpamAssassin configuration by adding the following to /opt/zimbra/conf/spamassassin/local.cf:

# disable AHBL, see http://www.ahbl.org/content/changes-ahbl
score DNS_FROM_AHBL_RHSBL 0

Afterwards, restart Zimbra services (maybe there is shortcut to only restart SpamAssassin, but I haven't found it yet):

zmcontrol restart


Best regards,
Christian Hertel

User avatar
jorgedlcruz
Zimbra Alumni
Zimbra Alumni
Posts: 2769
Joined: Thu May 22, 2014 4:47 pm

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby jorgedlcruz » Thu Jan 08, 2015 9:30 am

Hi Christian,


I've opened a Bug case for this - https://bugzilla.zimbra.com/show_bug.cgi?id=97212


Thank you very much for your info.

Jorge de la Cruz https://jorgedelacruz.es
Technical Marketing Manager at Zimbra/Synacor https://www.zimbra.com/
User avatar
msquadrat
Advanced member
Advanced member
Posts: 183
Joined: Mon Oct 14, 2013 10:09 am

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby msquadrat » Thu Jan 08, 2015 9:32 am

I think this update is already distributed via the SpamAssassin update mechanism. Depending on your version of Zimbra this should be updated automatically via /opt/zimbra/libexec/zmsaupdate
chertel
Posts: 10
Joined: Thu Jan 08, 2015 9:12 am

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby chertel » Thu Jan 08, 2015 9:43 am

Hmmm...as of the time of this comment, it was still enabled (Servers are running Zimbra 8.0.7) and leading to false-positives.
User avatar
jorgedlcruz
Zimbra Alumni
Zimbra Alumni
Posts: 2769
Joined: Thu May 22, 2014 4:47 pm

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby jorgedlcruz » Thu Jan 08, 2015 9:57 am

Hi chertel,


Should came down with an autoupdate, check it here you should have something like this:


root@zimbra-sn-u12-01:/home/oper# more /opt/zimbra/conf/spamassassin/50_scores.cf | grep AHBL
# AHBL is closing down. disabling early. (Axb-2014-03-28)
#score DNS_FROM_AHBL_RHSBL 0 2.438 0 2.699 # n=0 n=2

Do you have your Zimbra Server connection to Internet?


Best regards

Jorge de la Cruz https://jorgedelacruz.es
Technical Marketing Manager at Zimbra/Synacor https://www.zimbra.com/
chertel
Posts: 10
Joined: Thu Jan 08, 2015 9:12 am

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby chertel » Thu Jan 08, 2015 10:02 am

Hi Jorge,

no, I don't have that line on our servers (and yes, the servers have internet connection):

# more /opt/zimbra/conf/spamassassin/50_scores.cf | grep AHBL
score DNS_FROM_AHBL_RHSBL 0 2.438 0 2.699 # n=0 n=2

Maybe that autoupdate was added in later versions of Zimbra than 8.0.7 ?




Btw.: Your announcement also claims that the AHBL operators have whitelisted everything. In fact, the opposite is the case. See:
http://www.ahbl.org/content/last-notice-wildcarding-services-jan-1st ("This means that these services will return positive responses for any queries.").

Best regards,
Christian

chertel
Posts: 10
Joined: Thu Jan 08, 2015 9:12 am

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby chertel » Thu Jan 08, 2015 10:06 am

Ah, just get that from your bug report:



"All the servers I've looked at from 8.0.8-8.6.0 have this disabled"



Looks like that auto-update was added in Zimbra 8.0.8 :-(
User avatar
msquadrat
Advanced member
Advanced member
Posts: 183
Joined: Mon Oct 14, 2013 10:09 am

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby msquadrat » Thu Jan 08, 2015 10:11 am

The SpamAssassin auto update was added for 8.0.5. From the Release Notes:



82201

A new cronjob has been created to run nightly to check if

automated updates to spam assassin are available. The

command is zmsaupdate. Two LC keys are configured:

• antispam_enable_rule_updates. If TRUE, rule updates for

spamassassin are automatic.

• antispam_enable_restarts: If TRUE. AMAVIS restarts

automatically IF there was a successful rule update.
User avatar
jorgedlcruz
Zimbra Alumni
Zimbra Alumni
Posts: 2769
Joined: Thu May 22, 2014 4:47 pm

The DNSBL AHBL (Abusive Hosts Blocking Lists) is no longer offer their service.

Postby jorgedlcruz » Thu Jan 08, 2015 10:15 am

Hi chertel,


Please launch the command  that Malte told:


/opt/zimbra/libexec/zmsaupdate

And then check again the scores


root@zimbra-sn-u12-01:/home/oper# more /opt/zimbra/conf/spamassassin/50_scores.cf | grep AHBL
# AHBL is closing down. disabling early. (Axb-2014-03-28)
#score DNS_FROM_AHBL_RHSBL 0 2.438 0 2.699 # n=0 n=2

Do your server have access to Internet?

Jorge de la Cruz https://jorgedelacruz.es
Technical Marketing Manager at Zimbra/Synacor https://www.zimbra.com/

Return to “Announcements”

Who is online

Users browsing this forum: No registered users and 4 guests