From c3f1cc6f41a50e4c2c7c023b3fa85d0d4a31a97c Mon Sep 17 00:00:00 2001
From: Vsevolod Stakhov <vsevolod@highsecure.ru>
Date: Fri, 1 May 2015 17:03:39 +0100
Subject: [PATCH] Add DBL list gradation.

---
 conf/metrics.conf | 54 +++++++++++++++++++++++++++++++++++++++++++++--
 conf/modules.conf | 12 +++++++++++
 2 files changed, 64 insertions(+), 2 deletions(-)

diff --git a/conf/metrics.conf b/conf/metrics.conf
index 7c4839245..de59b04ef 100644
--- a/conf/metrics.conf
+++ b/conf/metrics.conf
@@ -753,10 +753,60 @@ metric {
 	    symbol { weight = 3.0; name = "SEM_URIBL_FRESH15"; description = "Spameatingmonkey uribl. Domains registered in the last 15 days (.AERO,.BIZ,.COM,.INFO,.NAME,.NET,.PRO,.SK,.TEL,.US)"; }
 	    
 	    symbol {
-	        weight = 5.500000;
-	        description = "DBL uribl";
+	        weight = 0.000000;
+	        description = "DBL uribl unknown symbol (error)";
 	        name = "DBL";
 	    }
+	    symbol {
+	        weight = 6.500000;
+	        description = "DBL uribl spam";
+	        name = "DBL_SPAM";
+	    }
+	    symbol {
+	        weight = 6.500000;
+	        description = "DBL uribl phishing";
+	        name = "DBL_PHISH";
+	    }
+	    symbol {
+	        weight = 6.500000;
+	        description = "DBL uribl malware";
+	        name = "DBL_MALWARE";
+	    }
+	    symbol {
+	        weight = 5.500000;
+	        description = "DBL uribl botnet C&C domain";
+	        name = "DBL_BOTNET";
+	    }
+	    symbol {
+	        weight = 6.500000;
+	        description = "DBL uribl abused legit spam";
+	        name = "DBL_ABUSE";
+	    }
+	    symbol {
+	        weight = 7.500000;
+	        description = "DBL uribl abused spammed redirector domain";
+	        name = "DBL_ABUSE_REDIR";
+	    }
+	    symbol {
+	        weight = 7.500000;
+	        description = "DBL uribl abused legit phish";
+	        name = "DBL_ABUSE_PHISH";
+	    }
+	    symbol {
+	        weight = 7.500000;
+	        description = "DBL uribl abused legit malware";
+	        name = "DBL_ABUSE_MALWARE";
+	    }
+	    symbol {
+	        weight = 5.500000;
+	        description = "DBL uribl abused legit botnet C&C";
+	        name = "DBL_ABUSE_BOTNET";
+	    }
+	    symbol {
+	        weight = 0.00000;
+	        description = "DBL uribl IP queries prohibited!";
+	        name = "DBL_PROHIBIT";
+	    }
 	    symbol {
 	        weight = 7.5;
 	        description = "uribl.com black url";
diff --git a/conf/modules.conf b/conf/modules.conf
index c4afed009..3bd62c672 100644
--- a/conf/modules.conf
+++ b/conf/modules.conf
@@ -64,6 +64,18 @@ surbl {
         suffix = "dbl.spamhaus.org";
         symbol = "DBL";
         options = "noip";
+        ips = {
+            DBL_SPAM = "127.0.1.2";	# spam domain
+            DBL_PHISH = "127.0.1.4";	# phish domain
+            DBL_MALWARE = "127.0.1.5"; 	# malware domain
+            DBL_BOTNET = "127.0.1.6"; 	# botnet C&C domain
+            DBL_ABUSE = "127.0.1.102"; 	# abused legit spam
+            DBL_ABUSE_REDIR = "127.0.1.103"; 	# abused spammed redirector domain
+            DBL_ABUSE_PHISH = "127.0.1.104"; 	# abused legit phish
+            DBL_ABUSE_MALWARE = "127.0.1.105"; 	# abused legit malware
+            DBL_ABUSE_BOTNET = "127.0.1.106"; 	# abused legit botnet C&C
+            DBL_PROHIBIT = "127.0.1.255"; 	# IP queries prohibited!
+        }
     }
     rule {
         suffix = "uribl.spameatingmonkey.net";
-- 
2.39.5