Spam Block .ru

[techuser]

Will this work?

1. Create the file block.cf in /etc/spamassassian

blacklist_from *@*.ru

Will this essentially block all emails from that come from .ru?

If I want to allow a specific ".ru" address, can I simply add the single .ru email that I want to add back via the GUI?

I am really surprised that there isn't a GUI blacklist in Untangle.

I am having an issue where it appears that my clients are getting lots of emails that are coming from russia.

[miw]

Hi, hopefully this will give you some more information about how to block country specific top level domains (TLDs) in SpamAssassin.

1. To block countries: There are two local.cf files.. There is the Server Local.cf and the domain local.cf: You can simply put the following in your server local.cf file and restart sendmail and spamassassin.. (from NjWebHost sitepoint)

ru REJECT



http://bit.ly/qRSomu

[techuser]

In the folder /etc/spamassassin, I am only seeing one local.cf file.

Looking at the file,

I only see...

# Untangle global Spam Blocker settings
score ALL_TRUSTED 0
lock_method flock
auto_whitelist_factor 0.3
pyzor_timeout 3

# A simple-to-parse report format
clear_report_template
report _SUMMARY_

So all that is needed is to add "ru Reject" as the end of the file, and then restart the Spam Assassin service?

[techuser]

I am unsure if I did this correctly, but it didn't appear to break the server.

cd /etc/spamassassin
pico block.cf
blacklist_from *@domain.ru
chmod +x block.cf
/etc/init.d/spamassain restart

I did a ps -ef | grep spamd and it appears that the spam process is running.

[techuser]

I am still not sure if I can just add to the block.cf file "*@*.ru".

The local.cf file method posted earlier, is not exactly clear. In looking on the server, I only saw one local.cf file. Do you just add "ru REJECT" at the end?

[mrunkel]

moved to hacks.

[miw]

Quote:

Originally Posted by techuser

I am still not sure if I can just add to the block.cf file "*@*.ru".

The local.cf file method posted earlier, is not exactly clear. In looking on the server, I only saw one local.cf file. Do you just add "ru REJECT" at the end?

My understanding is yes you would just append "ru REJECT" to the end of the file, but I haven't tested that in an Untangle with SpamAssassin environment; please let me know if it is successful.

[techuser]

This has been applied into production, and so far I have not received any unwanted emails.

[techuser]

Looking at the Networking > Advanced > File overrides. If I add the local.cf file to the overrides section, will that create a problem when performing upgrades? I'd like to ensure that the my additional rejection rules hold after minor and major upgrades.

If Untangle needs to upgrade files marked in the overrides section, will it prompt or warn the user, so that the upgrade can complete without problems.

[dmorris]

Quote:

Originally Posted by techuser

Looking at the Networking > Advanced > File overrides. If I add the local.cf file to the overrides section, will that create a problem when performing upgrades? I'd like to ensure that the my additional rejection rules hold after minor and major upgrades.

If Untangle needs to upgrade files marked in the overrides section, will it prompt or warn the user, so that the upgrade can complete without problems.

That file override won't help. Only networking (and parts of it) check the file override list. I would just disable upgrades if you modify files on the filesystem.