I am trying to get rbl filtering of my incoming mail. I tried to configure sendmail to do rbl checks, but since I dislike opening the smtp port on my router, I decided to use fetchmail to periodically poll my external mail sources, and use spamassassin for rbl checks. Unfortunately this doe not work for me for some reason. spamassassin -D --lint reports: debug: config: read file /usr/share/spamassassin/20_dnsbl_tests.cf ... debug: is Net::DNS::Resolver available? yes debug: Net::DNS version: 0.48 so I conclude that the rbl test are available as are the perl dns modules are available to spamassassin. Yet mail messages originating from sources which are listed in sorbs as spam-sources, pass through, I never get any RCVD_IN_SORBS results, i.e. the following received header should trigger RCVD_IN_SORBS_DUL Received: from unknown (HELO keatingjones.com) (84.97.25.132) by anchovy2.45ru.net.au with SMTP; 9 Jul 2006 13:36:23 -0000 because the dns reverse lookup returns a result # nslookup 132.25.97.84.dnsbl.sorbs.net Server: 192.168.1.186 Address: 192.168.1.186#53 Non-authoritative answer: Name: 132.25.97.84.dnsbl.sorbs.net Address: 127.0.0.10 What am I overlooking? Peter My /usr/share/spamassassin/20_dnsbl_tests.cf contains the following # SORBS # transfers: both axfr and ixfr available # URL: http://www.dnsbl.sorbs.net/ # pay-to-use: no # delist: $50 fee for RCVD_IN_SORBS_SPAM, others have free retest on request header __RCVD_IN_SORBS eval:check_rbl('sorbs', 'dnsbl.sorbs.net.') describe __RCVD_IN_SORBS SORBS: sender is listed in SORBS tflags __RCVD_IN_SORBS net header RCVD_IN_SORBS_HTTP eval:check_rbl_sub('sorbs', '127.0.0.2') describe RCVD_IN_SORBS_HTTP SORBS: sender is open HTTP proxy server tflags RCVD_IN_SORBS_HTTP net header RCVD_IN_SORBS_SOCKS eval:check_rbl_sub('sorbs', '127.0.0.3') describe RCVD_IN_SORBS_SOCKS SORBS: sender is open SOCKS proxy server tflags RCVD_IN_SORBS_SOCKS net header RCVD_IN_SORBS_MISC eval:check_rbl_sub('sorbs', '127.0.0.4') describe RCVD_IN_SORBS_MISC SORBS: sender is open proxy server tflags RCVD_IN_SORBS_MISC net header RCVD_IN_SORBS_SMTP eval:check_rbl_sub('sorbs', '127.0.0.5') describe RCVD_IN_SORBS_SMTP SORBS: sender is open SMTP relay tflags RCVD_IN_SORBS_SMTP net # delist: $50 fee #header RCVD_IN_SORBS_SPAM eval:check_rbl_sub('sorbs', '127.0.0.6') #describe RCVD_IN_SORBS_SPAM SORBS: sender is a spam source #tflags RCVD_IN_SORBS_SPAM net header RCVD_IN_SORBS_WEB eval:check_rbl_sub('sorbs', '127.0.0.7') describe RCVD_IN_SORBS_WEB SORBS: sender is a abuseable web server tflags RCVD_IN_SORBS_WEB net header RCVD_IN_SORBS_BLOCK eval:check_rbl_sub('sorbs', '127.0.0.8') describe RCVD_IN_SORBS_BLOCK SORBS: sender demands to never be tested tflags RCVD_IN_SORBS_BLOCK net header RCVD_IN_SORBS_ZOMBIE eval:check_rbl_sub('sorbs', '127.0.0.9') describe RCVD_IN_SORBS_ZOMBIE SORBS: sender is on a hijacked network tflags RCVD_IN_SORBS_ZOMBIE net header RCVD_IN_SORBS_DUL eval:check_rbl('sorbs-notfirsthop', 'dnsbl.sorbs.net.', '127.0.0.10') describe RCVD_IN_SORBS_DUL SORBS: sent directly from dynamic IP address tflags RCVD_IN_SORBS_DUL net