Matthias Leisi wrote on 29/09/24 12:02 am:
All returnhi / parentblock have now been reverted to refuse.
I have re-enabled the DNSWL rules in our default configuration in rules updates. They should be visible to sa-update once they get through rule QA. As they were only disabled about 5 days ago, anyone who has not run sa-update since then will still be running the rules, and anyone who does run it regularly will get the rules again soon when they next update.
Matthias, If it is possible for you to identify which of the BLOCKED ip addresses are open nameservers, and use a different code for them such as 127.0.1.255 or 127.0.0.254, then we can have a different rule for them that has a description that says explicitly not to use open nameservers on the server that is running SpamAssassin, while making the rule description for 127.0.0.255 be more specific about high usage requiring a subscription.
Sidney
