On Sun, Dec 23, 2007 at 06:23:11AM -0500, Justin Piszcz wrote: > Hi, > > Was wondering if support for whitelists would be made available in > policyd-weight? > > For example, see: http://www.dnswl.org/ > > I add it in here: > > 'list.dnswl.org', 0.00, -5.0, 'DNSWL',
change this to 'list.dnswl.org', -5.0, 0, 'DNSWL', The first score is added if the RBL/DNSWL has hit, i.e. the client is listed. If the HIT score is greater than 0 it is treated as a RBL hit, if the score is less than 0 (eg: -1) it is treated as a DNSWL hit. > But it still counts as a 'bad' RBL, is there any chance of making a whitelist > section where if X number of > whitelist RBLs include a certain IP -or- the value is less than X it is > allowed? > > This then leads to a second question, perhaps one wants to place emphasis or > weight upon the trust level: > > Per: http://www.dnswl.org/tech > > Trustworthiness / Score (127.0.x.Y): > > * 0 = none - only avoid outright blocking (eg Hotmail, Yahoo mailservers, > -0.1) > * 1 = low - reduce chance of false positives (-1.0) > * 2 = medium - make sure to avoid false positives but allow override for > clear cases (-10.0) > * 3 = high - avoid override (-100.0). > > So it would need to be something like: > > list.dnswl.org ret=127.0.0.0 -5.0 > list.dnswl.org ret=127.0.0.1 -3.0 > > > Just an idea.. But the main request is a @whitelist for RBL's to help reduce > false positives. > > Justin. > > ____________________________________________________________ > Policyd-weight Mailinglist - http://www.policyd-weight.org/ -- Robert Felber (PGP: 896CF30B) Munich, Germany ____________________________________________________________ Policyd-weight Mailinglist - http://www.policyd-weight.org/
