spamassassin-users December 2011 archive
Main Archive Page > Month Archives  > spamassassin-users archives
spamassassin-users: Re: DNSWL will be disabled by default as of

Re: DNSWL will be disabled by default as of tomorrow

From: Kevin A. McGrail <KMcGrail_at_nospam>
Date: Mon Dec 12 2011 - 21:18:48 GMT
To: Ned Slider <ned@unixmail.co.uk>

> So does this mean SA should disable ALL network based tests by default
> as they all have the same potential to return false
> positives/negatives to get the attention of (abusive) sysadmins? About
> the only difference is dnswl.org got to hit folks with a -5 score
> whereas most others would have significantly less scoring impact
> available, but the potential threat is the same.
In the past, the RBL errors I can think of were less RBL policy and more
RBLs going under where things such as registrars took over DNS and
returned answers for every query.

However, the stability of an RBL and their infrastructure is a major
concern for the SA project to consider an RBL for inclusion for just
these type of reasons. There is a lot of debate concerning RBLs, their
impact and their inclusion in SA.

> I can understand the decision if dnswl.org have requested SA disable
> lookups by default, but otherwise it's a last resort attempt to get
> the attention of someone after all other reasonable efforts to
> communicate the issue have failed. I personally don't think it
> unreasonable.
>
> Either way, I appreciate the heads up here so we (SA users) may make
> the decision whether or not to re-enable dnswl.org on our own setups.

As an aside, DNSWL most likely disagrees with disabling the rules by
default in SA. However, it was an SA decision to do so in light of
complaints of the rule misfiring on purpose due to over-quota policies
for DNSWL.

Regards,
KAM