New RXL plugin

Mar 23 2011 Published by under News

We have created the RXL plugin. The RXL plugin implements RBL (Realtime Blackhole Lists) and RWL (Realtime Whitehole List). These techniques work using the same technology. The difference between then is the score asigned to rules searching in RBL and/or RWL. RBL rules should present a positive score and RWL a negative one.

The technology under the Realtime Lists is basically the DNS (Domain Name System). In order to check if is in the list DNSWL.ORG ( we resolve the domain according with the instructions provided by DNSWL.ORG. The queryes to other lists are the same but replacing the suffix. For instance, to check the server in the SpamHaus ZEN list we use the suffix ( Check this list of RXLs

We are now working in the development of a cache for the queryes. The documentation also should be updated consequently.

You can now call to rxl_check and rxl_check_octect in order to develop your rules. rxl_check(<list_suffix>[, <number_received_heder>]) and rxl_check(<list_suffix>, <octect number>, <octect value>[, <number_received_heder>]). For instance:

header IN_ZEN_SPAMHAUS rxl_check("", 3)

header IN_SBL_SPAMHAUS rxl_check("", 4, 2, 3)
describe IN_SBL_SPAMHAUS according SpamHaus doc is in SBL when result is

header IN_DNSWL rxl_check("", 3)
score IN_DNSWL -3

Comments are off for this post