Why does the "URIBL_BLOCKED ADMINISTRATOR NOTICE" SpamAssassin rule trigger on all of my messages, what is it for and how can I avoid this?
URIBL (https://www.uribl.com) is a DNS-based Blackhole List which tracks IP addresses which are commonly used for sending spam mails. URIBL is enabled by default for SpamAssassin installations but allows only a certain amount of requests from the same IP every day. If this amount is exceeded, any further requests will be blocked by the URIBL servers with the info notification above.
This typically happens for SpamAssassin installations that use public DNS resolvers such as Google. As any request that is forwarded via the Google servers has the same IP when it reaches the Blackhole list, all requests will share the same limit. For usage of an alternative DNS, please follow these instructions.
For the following domains it is currently useful to set up forwarding to ensure the full functionality of SpamAssassin:
Now determine the name server for each of the mentioned domains.
Open a command prompt and issue the following command (e.g. for "lists.dnswl.org"):
nslookup -querytype=ns list.dnswl.org.
Attention: Do not omit the dot at the end of the domain, otherwise nslookup will append your local domain and the command will not work.
list.dnswl.org nameserver = b.ns.dnswl.org
list.dnswl.org name server = c.ns.dnswl.org
b.ns.dnswl.org internet address = 220.127.116.11
c.ns.dnswl.org internet address = 18.104.22.168
c.ns.dnswl.org AAAA IPv6 address = 2600:3c01::21:1000
If you are using an enterprise firewall, you can also make these settings there. The function can be found in the 'DNS' section and is called 'DNS Request Routing' or 'DNS Redirection' or similar.