Spamassassin Blacklists
Blacklists are a little easier to understand in that you will find domains or senders that you simply do not want to receive mail from them ever.
There are two blacklist directives. The first directive, blacklist_from will specify a a sender address that address is what will appear in the Resent-From, From, Envelope-Sender, Resent-Sender or X-Envelope-From. When the sender address matches a score of 100 is added to the sender, which effectively blocks mail from that user. Edit the /etc/mail/spamassassin/local.cf file to place these entries.
blacklist_from joe@badexample.com
blacklist_from badexample.com *.badexample.com
The wildcard “*” can be used for including multiple characters to eliminate all users on the badexample.com domain.
You can remove a user from the list by using the the unblacklist_from directive.
unblacklist_from badexample.com
The other method of blacklisting users is the blacklist_to which will blacklist the recipient address. This users may be found in the Resent-To, Resent-Cc, To, Apparently-To, Delivered-To, Envelope-Recipients, Apparently-Resent-To, X-Envelope-To, Envelope-To, X-Delivered-To, X-Original-To, X-Rcpt-To, X-Real-To, or Cc.
blacklist_to users@mycompany.com
This would be used to eliminate mail coming to possibly forged To header by adding 10 points to the score.
Here is what a local.cf looks like with some blacklist entries.
# These should be safe assumptions and allow for simple visual sifting
# without risking lost emails.
required_hits 5
report_safe 0
rewrite_header Subject [SPAM]
blacklist_from *@bellevuecollege.edu
blacklist_from *@vmta-c-253.lstrk.net
blacklist_from *@SmartStream-1.itsjss.com
blacklist_from *@hosting.obdobion.com
