Re: net mass-checks triggering (URI)DNSBL provider blocks?

Wed, 05 Sep 2007 20:49:28 -0700 

Theo Van Dinter wrote:

On Wed, Sep 05, 2007 at 10:16:21PM -0400, Daryl C. W. O'Shea wrote:
If we do more frequent --net mass-checks we may individually run the chance of being blocked by the providers of the (URI)DNSBLs such as Spamhaus. 


Has anyone been blocked to date?  Probably not given the once a week 
frequency.


If done correctly, this isn't an issue.  This is another benefit of
--reuse.  :)


Are the hit-rates of the lists high enough that the results that aren't 
cached by the use of --reuse low enough to fall under the block 
triggering level?  Either way, I guess we should get around to figuring 


You want as much as possible to be able to use --reuse.


out a way of caching the non-hits.  I'm thinking of a method that 


It does this now, doesn't it?  IIRC, --reuse says that if there is a 
X-Spam-Status
header, it's assumed all the net rules were run and so they're not run again.



Well sort of... (as below) new rules can't be distinguished from no hit 
or never tried.  Not sure why I was thinking a rule was run if there was 
no indication of it hitting before.



assumes you ran the rules (based on the SA version in the message 
header) unless you've specifically told it you don't run a particular rule.


I started working on, but never fully implemented, the NetCache plugin.
The idea is that all network requests and responses (or lack thereof)
would be stored as a header in the message.  Then on the mass-check run, that
data would be used for responses.  This way, even some new rules could use
this information depending on what they're looking for...



I had remembered you wanting to do this and had forgotten all about the 
NetCache plugin.



Should we look at getting zone transfers from the various providers and 
hosting a copy on the zone that committers could use?


That's great if we use the zone machine for DNS, that doesn't really work for
individuals running on our own machines...  ;)



Well of course.  You'd have to forward those zones in your local caching 
server (like anyone else using rbldnsd), or transfer/rsync the zones to 
your own machine for it to be of any use.  Pretty much a non-issue 
though given that --reuse doesn't allow the queries like I was thinking.



Daryl
























					Reply via email to