.\" -*- mode: troff; coding: utf-8 -*- .\" Automatically generated by Pod::Man v6.0.2 (Pod::Simple 3.45) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>. .ie n \{\ . ds C` "" . ds C' "" 'br\} .el\{\ . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" .\" Required to disable full justification in groff 1.23.0. .if n .ds AD l .\" ======================================================================== .\" .IX Title "Mail::SpamAssassin::Plugin::URILocalBL 3" .TH Mail::SpamAssassin::Plugin::URILocalBL 3 2025-12-13 "perl v5.42.0" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH NAME URILocalBL \- blocklist URIs using local information (ISP names, address lists, and country codes) .SH SYNOPSIS .IX Header "SYNOPSIS" This plugin creates some new rule test types, such as "uri_block_cc", "uri_block_cidr", and "uri_block_isp". These rules apply to the URIs found in the HTML portion of a message, i.e. markup. .PP .Vb 1 \& loadplugin Mail::SpamAssassin::Plugin::URILocalBL .Ve .PP Why local blocklisting? There are a few excellent, effective, and well\-maintained DNSBL\*(Aqs out there. But they have several drawbacks: .IP \(bu 2 blocklists can cover tens of thousands of entries, and you can\*(Aqt select which ones you use; .IP \(bu 2 verifying that it\*(Aqs correctly configured can be non\-trivial; .IP \(bu 2 new blocklisting entries may take a while to be detected and entered, so it\*(Aqs not instantaneous. .PP Sometimes all you want is a quick, easy, and very surgical blocklisting of a particular site or a particular ISP. This plugin is defined for that exact usage case. .SH "RULE DEFINITIONS AND PRIVILEGED SETTINGS" .IX Header "RULE DEFINITIONS AND PRIVILEGED SETTINGS" The format for defining a rule is as follows: .PP .Vb 2 \& uri_block_cc SYMBOLIC_TEST_NAME cc1 cc2 cc3 cc4 .. \& uri_block_cc SYMBOLIC_TEST_NAME !cc1 !cc2 .. .Ve .PP or: .PP .Vb 2 \& uri_block_cont SYMBOLIC_TEST_NAME co1 co2 co3 co4 .. \& uri_block_cont SYMBOLIC_TEST_NAME !co1 !co2 .. .Ve .PP or: .PP .Vb 1 \& uri_block_cidr SYMBOLIC_TEST_NAME a.a.a.a b.b.b.b/cc .Ve .PP or: .PP .Vb 1 \& uri_block_isp SYMBOLIC_TEST_NAME "Data Rancid" McCarrier Phishers\-r\-Us .Ve .PP Example rule for matching a URI in China: .PP .Vb 1 \& uri_block_cc TEST1 cn .Ve .PP If you specify list of negations, such rule will match ANY country except the listed ones (Finland, Sweden): .PP .Vb 1 \& uri_block_cc TEST1 !fi !se .Ve .PP Continents uri_block_cont works exactly the same as uri_block_cc. .PP This would block the URL http://www.baidu.com/index.htm. Similarly, to match a Spam\-haven netblock: .PP .Vb 1 \& uri_block_cidr TEST2 65.181.64.0/18 .Ve .PP would match a netblock where several phishing sites were recently hosted. .PP And to block all CIDR blocks registered to an ISP, one might use: .PP .Vb 1 \& uri_block_isp TEST3 "Data Rancid" ColoCrossing .Ve .PP Quote ISP names containing spaces. .PP Lastly, if there\*(Aqs a country that you want to block but there\*(Aqs an explicit host you wish to exempt from that blocklist, you can use: .PP .Vb 1 \& uri_block_exclude TEST1 www.baidu.com .Ve .PP if you wish to exempt URL\*(Aqs referring to this host. The same syntax is applicable to CIDR and ISP blocks as well. .SH DEPENDENCIES .IX Header "DEPENDENCIES" The Country\-Code based filtering can use any Mail::SpamAssassin::GeoDB supported module like MaxMind::DB::Reader (GeoIP2) or Geo::IP. ISP based filtering might require a paid subscription database like GeoIPISP.