spamassassin-users December 2011 archive
Main Archive Page > Month Archives  > spamassassin-users archives
spamassassin-users: Re: DNSWL will be disabled by default as of

Re: DNSWL will be disabled by default as of tomorrow

From: John Hardin <jhardin_at_nospam>
Date: Tue Dec 13 2011 - 14:21:40 GMT
To: users@spamassassin.apache.org

On Tue, 13 Dec 2011, Kevin A. McGrail wrote:

> On 12/13/2011 2:19 AM, Dave Warren wrote:
>> Perhaps a better long-term solution would be to validate DNS lists before
>> using them?
>>
>> One possible implementation would be to test to ensure that 127.0.0.1
>> is not listed
>>
>> Similarly, 127.0.0.1 should never be listed for any DNSBL
>> that I'm aware of, and so when a list moves to a list-the-world
>> configuration, this entry would spot it.
>
> Unfortunately, 1 is a bitwise answer I've seen it used. In fact, just
> checking real quick, I've got an RBL that uses 1 on a live server now.

Let's rephrase: querying 127.0.0.1 should never return a positive answer.

Returning 127.0.0.1 as an answer is not a problem.

This seems to me to be a reasonable test. If the BL returns a hit, and if
it hasn't been validated in the last X hours, then query 127.0.0.1 and see
if the list returns a positive. If so, discard the hit and suppress
querying the list for the next Y hours.

-- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhardin@impsec.org FALaholic #11174 pgpk -a jhardin@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- North Korea: the only country in the world where people would risk execution to flee to communist China. -- Ride Fast ----------------------------------------------------------------------- 2 days until Bill of Rights day