You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by da...@chaosreigns.com on 2011/10/12 19:01:17 UTC
DNSWL returns _HI trust level for everything to "abusive" DNS
servers Re: Spam email many have RCVD_IN_DNSWL_MED
On 10/12, Alessio Cecchi wrote:
> I have found the problem: Google name server
>
> >On 10/11, Alessio Cecchi wrote:
> >>Received: from [175.145.6.37] (unknown [175.145.6.37])
> >
> >$ host 37.6.145.175.list.dnswl.org
> >Host 37.6.145.175.list.dnswl.org not found: 3(NXDOMAIN)
> >
> >Should not hit any RCVD_IN_DNSWL_* rules.
>
> In this installation:
>
> # cat /etc/resolv.conf
> nameserver 8.8.8.8
> nameserver 8.8.4.4
>
> # host 37.6.145.175.list.dnswl.org
> 37.6.145.175.list.dnswl.org has address 127.0.10.3
Sorry, I should have realized this problem sooner too.
Relatively recently, DNSWL started returning values that correspond to the
spamassassin rule RCVD_IN_DNSWL_HI for *all* queries, for name servers that
have been deemed "abusive". I found out about it 10 days ago.
A year ago DNSWL announced it would start requiring payment from people
doing more than 100,000 queries per day. This is tied to the determination
of "abusiveness".
So yes, as Jim Popovitch recommended, you should not have this problem
if you run a local DNS server (without using "abusive" servers as
forwarders), which I think is probably recommended practice for running
spamassassin anyway.
--
"every time I race I see god" - tsuwa, #motorcycles, EFNet, 7/19/06
http://www.ChaosReigns.com
Re: DNSWL returns _HI trust level for everything to "abusive" DNS servers Re: Spam email many have RCVD_IN_DNSWL_MED
Posted by Simon Loewenthal <si...@klunky.co.uk>.
darxus@chaosreigns.com wrote:
On 10/12, Alessio Cecchi wrote:
> I have found the problem: Google name server
>
> >On 10/11, Alessio Cecchi wrote:
> >>Received: from [175.145.6.37] (unknown [175.145.6.37])
> >
> >$ host 37.6.145.175.list.dnswl.org
> >Host 37.6.145.175.list.dnswl.org not found: 3(NXDOMAIN)
> >
> >Should not hit any RCVD_IN_DNSWL_* rules.
>
> In this installation:
>
> # cat /etc/resolv.conf
> nameserver 8.8.8.8
> nameserver 8.8.4.4
>
> # host 37.6.145.175.list.dnswl.org
> 37.6.145.175.list.dnswl.org has address 127.0.10.3
Sorry, I should have realized this problem sooner too.
Relatively recently, DNSWL started returning values that correspond to the
spamassassin rule RCVD_IN_DNSWL_HI for *all* queries, for name servers that
have been deemed "abusive". I found out about it 10 days ago.
A year ago DNSWL announced it would start requiring payment from people
doing more than 100,000 queries per day. This is tied to the determination
of "abusiveness".
So yes, as Jim Popovitch recommended, you should not have this problem
if you run a local DNS server (without using "abusive" servers as
forwarders), which I think is probably recommended practice for running
spamassassin anyway.
--
"every time I race I see god" - tsuwa, #motorcycles, EFNet, 7/19/06
http://www.ChaosReigns.com
Although I did not think it was recommended to use Google's DNS with SA. From SA FAQ:
Your DNSBL blocks nothing at all!
First, check our FAQ answer for "Your DNSBL blocks the whole Internet!" and make sure you've not made a spelling mistake in your mailserver configuration.
Check what DNS resolvers you are using: If you are using a free "open DNS resolver" service such as Google Public DNS or Level3's public DNS servers to resolve your DNSBL requests, in most cases you will receive a "not listed" (NXDOMAIN) reply from Spamhaus' public DNSBL servers. Please use your own DNS servers when doing DNSBL queries to Spamhaus.
--
If you cannot beat them, try to cĂ´ntrole them.