On 10/30/2019 10:20 AM, Simon via mailop wrote:
Full article at <https://www.spamhaus.org/news/article/788/spamhaus-dnsbl-return-codes-technical-update>.
And it is about time for ALL anti-spam software and hardware which have the option to add a third party DNSBL blacklist... to ALSO have the option to only treat DNSBL queries as a "hit" when the IP that is returned is one of the /particular specified/ IP addresses that the admin has added to a list of actionable IPs - and NOT forcing this to be an all-or-none choice. If anyone reading this has any kind of control or input over such a system that isn't doing this yet - PLEASE add that feature into your system ASAP - so that actions can be limited to particular returned IPs. (even if an optional feature).
This is ALSO important because the practice of doing DNSBL lookups on one's ISP or other 3rd party DNS system (NOT recommended, btw) makes such a system "at risk" of that DNS system misinterpreting the request as being someone at their browser misspelling a domain name they typed in - or clicking a link to a website with an expired domain - and then that DNS system might return an IP that would try to direct the user to a more friendly search page, for a better browsing experience. But if that happens with DNSBL queries, and the actionable return IPs are not specified (or the user doesn't even have that option!) - then this puts that mail system at risk of having massive amounts of false positive caused by this "series of unfortunate events" malfunction, when their spam filter misinterprets those as "hits".
-- Rob McEwen https://www.invaluement.com
_______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
