https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6724
--- Comment #30 from Matthias Leisi <[email protected]> 2011-12-18 16:39:45 UTC --- (In reply to comment #2) > http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block > > Matthias, are you able to block/return no answers or return a last octet of > 255 > as a blocked answer. And NOT return purposefully wrong answers? As we speak, various updates are propagating to the mirrors. Significant abuser of the public nameserver infrastructure will now be redirected to a different view of the parent zone. This view is different from the main zone in the following ways: * The SOA rname YOU.ARE.BLOCKED.FROM.dnswl.org. * The zone has a TXT RR "You are blocked from using list.dnswl.org through public nameservers" * The "list" sub-zone does not have the a.ns, b.ns etc RRs, but only one: "you.are.blocked.from.using.dnswl.org.thorugh.public.nameservers.invalid." * Has a TXT RR for quick-and-dirty manual testing: "amiblocked.dnswl.org" which contains "Yes". This should avoid any unnecessary queries and limit collateral damage. There are now no more entries that would return "high trust" result in cases where we want admins/operators to fix something on their end. > header RCVD_IN_DNSWL_BLOCKED > eval:check_rbl_sub('dnswl-firsttrusted', > '^127\.0\.\d+\.255$') We can basically return any A record, but will wait for the outcome of the discussion in bug 6728 (esp comment #11 suggesting the use of 0.0.0.0). -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
