[Bug 6724] DNS Blacklists returning purposefully wrong answers as part of Anti-Abuse / Free for Some Policies

From: <bugzilla-daemon_at_nospam>
Date: Tue Dec 13 2011 - 21:46:12 GMT

--- Comment #20 from Kevin A. McGrail <> 2011-12-13 21:46:12 UTC ---
(In reply to comment #19)
> "... hold off on subsequent DNSBL queries for 1 hour."
> I just made a suggestion to the authors of the above cited draft, and in my
> suggestion, I indicated that perhaps queries to the offending DNS-based list be
> disabled until reconfiguration or manual restart without a time limit. We
> don't know what time quantum the list maintainer may have selected over which to
> determine excessive queries or even if such is a constant (vs. lengthened
> periods for each time a query source is blocked, including "permanently").
> Although one hour may be reasonable for a "first" test after detecting a
> problem, maybe subsequent retries after continued failure should be much later.
> In that respect, I suggest starting with 1 hour, but then add half the time
> for each subsequent failure, producing a series: 1, 1.5, 2.25, 3.375, 5.0625,
> ....

I like the exponential delay but something like 5% extra instead of 50% might
be better. Otherwise in just one day, you are going to have massive retry

Plus 1 query per hour = 24 queries a day versus over 100K per day. I think 1
per hour is going to be a really good number to start with and won't need much
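As an added illustration, not part of the bug thread or of SpamAssassin's own code, here is a small Python model of the backoff policy under discussion. It assumes the first disable lasts one hour and each further failure multiplies the previous wait by a growth factor, and it compares how many retry probes a continuously misbehaving list receives in one day under the "add half" (1.5) and "5% extra" (1.05) variants.

```python
from dataclasses import dataclass, field
from typing import List, Tuple


@dataclass
class DnsblBackoff:
    """Disable a misbehaving DNS blocklist for a growing interval after each failure.
    Assumed policy (constructed for this example): first disable lasts `base_hours`,
    each later failure multiplies the wait by `growth` (1.5 = add half, 1.05 = 5% extra).
    """
    growth: float
    base_hours: float = 1.0
    failures: int = 0
    disabled_until: float = 0.0          # simulated clock, in hours
    waits: List[float] = field(default_factory=list)

    def may_query(self, now: float) -> bool:
        """True once the current disable window has elapsed."""
        return now >= self.disabled_until

    def record_failure(self, now: float) -> float:
        """Register a bogus answer at time `now`; returns the new wait in hours."""
        wait = self.base_hours * self.growth ** self.failures
        self.failures += 1
        self.waits.append(wait)
        self.disabled_until = now + wait
        return wait

    def record_success(self) -> None:
        """A sane answer resets the schedule."""
        self.failures = 0
        self.disabled_until = 0.0


def probes_in_window(growth: float, hours: float = 24.0) -> Tuple[int, List[float]]:
    """Count retry probes sent to a list that keeps failing for `hours` hours."""
    policy = DnsblBackoff(growth=growth)
    policy.record_failure(0.0)           # initial detection at t=0
    probes = 0
    while policy.disabled_until < hours:
        now = policy.disabled_until      # next retry fires when the window ends
        probes += 1
        policy.record_failure(now)       # still broken: back off again
    return probes, policy.waits


if __name__ == "__main__":
    for g in (1.5, 1.05):
        n, waits = probes_in_window(g)
        print(f"growth {g}: {n} retries in 24h, first waits (h): {[round(w, 3) for w in waits[:6]]}")
```

With a 50% step the seventh wait is already over 11 hours, whereas the 5% step still probes roughly every hour and a half by the end of the day.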

