Jake Vickers wrote:
On 04/30/2010 06:45 PM, George Varagas wrote:
IMHO it works better with the -h option as now you can use the rDNS
feature. This is invaluable in allowing certain known IP's to score low
in spamassassin.
As for the logging info, spamd/current looks quite similar with the
addition of USER_IN_WHITELIST in the rules.
George
Quite similar or the same? I need more information, examples, studies,
etc. This would be a change that would affect hundreds to thousands of
other people if it is applied, so I want to make sure that we're not
fixing something for one and breaking things for everyone else.
---------------------------------------------------------------------------------
My take on this:
.) Having the rDNS name in the Received: header instead of "unknown" is
a substantial improvement. Besides enabling the use of the stock SA
whitelist_from_rcvd rule, I expect this would also be useful in
circumstances where traceability is in question (legal ramifications),
and it makes debugging a tad easier as well (which is the stated purpose
of Received: headers in the first place).
.) Regarding efficiency improvements with the -H option, when spamdyke
is in use, the rDNS name will be looked up twice (once by tcpserver and
once by spamdyke), but the value will be cached by whatever resolver is
in use (having a resolver on the QMT host is recommended). Any
performance impact due to a 2nd rDNS lookup would be miniscule (I expect
pretty much immeasurable). If spamdyke is not checking rDNS, I don't
think that a single rDNS lookup would impact performance noticeably,
unless there is a problem with DNS resolution (which is a separate
problem that should be fixed by the admin).
.) Regarding log format, I'm not seeing any change other than the
addition of the rDNS name in the "tcpserver: ok" lines, in the
appropriate place. If this change causes something else to malfunction,
I expect that it would be the malfunctioning program that would need
fixing. IOW, I don't see how this change could break anything that's
otherwise functioning properly. It appears to be a standard part of
tcpserver's log message to include (or not when unavailable) the rDNS name.
.) I've implemented the change in 3 production servers, and have come up
with no down side to this, except perhaps that it detracts from work on
v2. I don't think it merits a special v1.x release, but I'd like to see
it in v2.
--
-Eric 'shubes'
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
