https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6728
--- Comment #8 from Kevin A. McGrail <[email protected]> 2011-12-15 23:28:17 UTC --- (In reply to comment #7) > In my opinion, "blocked" should ALSO trigger upon the affirmative receiving of > an A record OUTSIDE of 127.0.0.0/8, regardless of ruleset processing. This > part of the recognition would be performed in the routine which processes > DNS-list results. "Blocked" detection for this purpose should be a boolean > flag - to handle a case where more than one offending address is received, and > handled after such processing. That way, we won't accidentally bump the > timeout counter more than once when retrying. I get this part. We should make URIBL.pm and EvalDNS.pm flag ignore responses outside of 127.0.0.1 and possibly even trigger BLOCKED. > Functional DNS lists should explicitly return "0.0.0.0" (i.e. no rule is > necessary to detect them). Here is where I get confused. Functional lists should explicitly return 0.0.0.0 to what query? > Non-functional lists may return any [unicast] > address as they may be "parked" at a registration service for sale and SA got > the A record (via a DNS wildcard entry) meant for HTTP redirection to a > "domain > for sale" web server page. Definitely a good case to fix. This issue has bitten us on other RBLs in the past. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
