spamassassin-users December 2011 archive
Main Archive Page > Month Archives  > spamassassin-users archives
spamassassin-users: Re: DNSWL will be disabled by default as of

Re: DNSWL will be disabled by default as of tomorrow

From: Karsten Bräckelmann <guenther_at_nospam>
Date: Mon Dec 12 2011 - 22:35:30 GMT
To: users@spamassassin.apache.org

On Mon, 2011-12-12 at 13:01 -0800, Ted Mittelstaedt wrote:
> On 12/12/2011 12:24 PM, Karsten Bräckelmann wrote:

> > Please don't forget that this became an issue only after DNSWL policy
> > change. At the time the DNSWL rules have been enabled by default in SA,
> > there where no deliberately false listing responses.
>
> Not to belabor the point but according to the Internet Archive this
> DNSWL policy change happened in October 2010, that is when the
> website was changed.

Back in Oct 2010 the policy has been changed, introducing the free usage
limits and a subscription offer. However, the policy was "enforced" by
blocking requests of abusive hosts only. Harmless, and will not result
in FPs.

The policy change we're discussing -- serving FP listings to excessive
over-limit abusers -- was established just recently, Oct 17, 2011.

If you want to see for yourself, please have a look at the DNSWL news,
linked from their main site.

> SA 3.3.2 shipped June 2011 so it seems that there should have been
> sufficient time to change the default.

See above, off by one year.

While the team arguably didn't react appropriately to the initial
heads-up by Darxus just a few weeks ago, I stand to what I said.

> > And I don't see anyone calling the users abusive. But the DNS servers.
> > Which is causing collateral damage to some users.
>
> This is a mailing list mainly for SA administrators, users of SA in
> this context are the administrators that install it, not the end users

I did not say, neither imply anything else. With no word did I refer to
end-users or clients -- frankly, in context the interpretation of
"users" as "users of SA, people running the product" is the only one
that makes sense. And is generally to be assumed in this place anyway.
But thanks for stating the obvious.

> using SA-enabled mailservers. And DNS servers don't just query for
> no reason.

DNS servers don't query for no reason, but because the admin chose to
use it.

Again, I stand to what I said. I have not seen anyone blaming users.

-- char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4"; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1: (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}