Am 2010-12-09 21:59, schrieb Steve: > Hacking? Adding one additional BL to policyd-weight.conf is not > hacking. Hacking policyd-weight would be if you add additional > features like OS fingerprinting support, GeoIP support, etc...
ok ok, you're right ;-) I just thought of the advice of the author of polweight that fiddling around with the weights might lead to unexpected and unwanted results, so I try to be cautious here. > Anyway... if you want to test ZEN in policyd-weight and want > policyd-weight to block a client as soon the connecting IP is in ZEN > then just add a score at least as high as the value you have for > $MAXDNSBLSCORE. yep, thanks. http://www.spamhaus.org/zen/ says: > zen.spamhaus.org should be the only spamhaus.org DNSBL in your IP > blocklist configuration. You should not use ZEN together with other > Spamhaus IP blocklists, or with blocklists already included in our > zones (such as the CBL) or you will simply be wasting DNS queries and > slowing your mail queue. > > zen.spamhaus.org replaces sbl-xbl.spamhaus.org in most > configurations. If you are currently using sbl-xbl.spamhaus.org you > should replace sbl-xbl.spamhaus.org with zen.spamhaus.org. So I rather tend to just edit policyd-weight.conf: # diff -ur policyd-weight.conf.edited policyd-weight.conf --- policyd-weight.conf.edited 2010-12-10 18:36:45.000000000 +0100 +++ policyd-weight.conf 2010-01-27 22:51:06.000000000 +0100 @@ -57,7 +57,7 @@ @dnsbl_score = ( # HOST, HIT SCORE, MISS SCORE, LOG NAME 'pbl.spamhaus.org', 3.25, 0, 'DYN_PBL_SPAMHAUS', - 'zen.spamhaus.org', 4.35, -1.5, 'ZEN_SPAMHAUS', + 'sbl-xbl.spamhaus.org', 4.35, -1.5, 'SBL_XBL_SPAMHAUS', 'bl.spamcop.net', 3.75, -1.5, 'SPAMCOP', 'dnsbl.njabl.org', 4.25, -1.5, 'BL_NJABL', 'list.dsbl.org', 4.35, 0, 'DSBL_ORG', What do you think? Stefan
