You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Bill Landry <bi...@inetmsg.com> on 2007/10/09 00:04:36 UTC
Re: [sa-list] Re: Auto-RBL was: Why did this not hit more? (SPF,
DKIM, Ironport,
Dan Mahoney, System Admin wrote:
> On Mon, 8 Oct 2007, Rob McEwen wrote:
>
>> Therefore, I recommend that you re-think your choices here! Don't let
>> your quest for "guaranteed long-term perfection" keep you from making
>> **substantial** progress today!
>
> Rob,
>
> Then help rally the SA team to include those RBLs that you mentioned in
> the stock config.
>
> Also, rally them to update the documentation on the wiki on how to
> configure SA for third-party DNSBL's, because it blows (and refers to
> years-old versions of SA). Yes, I know the point of a wiki is that
> ANYONE can update it, but I'm not about to update it with information I
> don't understand for certain.
>
> ((Q: This documentation doesn't seem to cover how to configure
> dns-blocklists. It says "Support for these is built-in" but I can't
> believe that all free BL's is called each time a mail is beeing checked.
> There must be a way to configure which to use.
>
> A: You're right. You might look at the [WWW] Mail::SpamAssassin::Conf
> documentation page which I admit doesn't really say how to configure
> which DNSBL to use, or the rules file [WWW] 20_dnsbl_tests.cf, for
> internal details, but no clear examples of how to configure the
> inclusion of various DNSBLs either. For the latest list of DNSBLs you
> want to be using SpamAssassin version 2.63 or 3.0.0-pre2, for the same
> reason that you wouldn't use an out-of-date virus scanner, but that also
> doesn't really have anything to do with the question.))
>
> Finally, rally them to pay attention to the topic I'm proposing here,
> which is: allow users to run their own RBL + feeder so that they can
> auto-rbl and floodgate themselves (and yes, it allows me to combine your
> corpus, plus my corpus, plus HIS corpus) in a scoring config, which is
> FUN...or it lets you say, quite simply "SA said you sent too much spam,
> now sendmail won't listen for X hours per spam run".
>
> <soapbox>
>
> While I've had a long history of getting decent responses from the
> developers on this list some of the time -- nobody has managed to answer
> the questions I've asked in the previous thread:
>
> * can we do something with the ironport headers
>
> * can we do something with the SPF softfail which my MTA registered but
> SA didn't (and why didn't it?)
>
> * can we do something with the X-Originating-IP: 127:1 (is it a legit
> header, or is it there to evade filters?)
>
> * can we fix something about the DKIM_POLICY_SIGNSOME,
>
> * and after I changed the topic: Can we get a plugin that lets us feed
> our own blocklists, currently I get dictionary floods that are enough to
> overload SA (even right now).
Why would you be accepting messages to non-existent users? If you reject these
at the MTA, then SA would never see them and your MTA would not have to deal
with bounces to forged sender addresses (backscatter).
Bill
> and many is the time I've just sent an email out to this list on a given
> topic, seen a lack of useful answer, and shrugged it off.
>
> </soapbox>
>
> --
>
> "Check it out, it's just like Christmas. Except it sucks."
>
> -Jason Seguerra, 3/2/05
>
> --------Dan Mahoney--------
> Techie, Sysadmin, WebGeek
> Gushi on efnet/undernet IRC
> ICQ: 13735144 AIM: LarpGM
> Site: http://www.gushi.org
> ---------------------------
>