spamassassin-dev December 2011 archive
Main Archive Page > Month Archives  > spamassassin-dev archives
spamassassin-dev: [Bug 6724] DNS Blacklistsreturning purposefull

[Bug 6724] DNS Blacklistsreturning purposefully wrong answers as part of Anti-Abuse / Free for Some Policies

From: <bugzilla-daemon_at_nospam>
Date: Wed Dec 14 2011 - 08:10:14 GMT

--- Comment #24 from Matthias Leisi <> 2011-12-14 08:10:14 UTC ---
(In reply to comment #17)

> Matthias, if you can decide on a bit (not a bitmask) to return for DNSWL
> blocks, we can add the notification rule.

As already pointed out in comment #21, we don't return a bitmask, but a
simple/single value in the last octet. is fine.

> And if this moves you to change your decision to implement the purposefully
> wrong DNS response, we can move DNSWL back to default configuration.

SA is not the only user of our public nameserver infrastructure, so there may
still be abusive use of that infrastructure that requires measures above and
beyond SA's _BLOCKED rule.

We will add measures against such situations to the zone to avoid
that certain queries even reach the zone nameservers (similar to
what presumably URIBL is doing).

Together, this makes it unlikely that we need to resort back to the
"" answer ever.

-- Configure bugmail: ------- You are receiving this mail because: ------- You are the assignee for the bug.