Re: How to remove a domain from a stock or third-party 2tld ruleset?
Kris Deugau wrote: Karsten Bräckelmann wrote: Another approach, since I understand you want to query against a local URI DNSBL, is simply to use wildcard DNS entries. Thus, regardless of a 2tld listing and the resulting DNS lookup, it would return the same listing for the pure TLD and a second level TLD. Hmm. I hadn't thought of this, I'll give it a try and see if something chokes. Thanks! This seems to be a usable way to work around a domain in the stock util_rb_2tld lists. I added *.t35.com (made a convenient test case - actually listed locally with util_rb_2tld; going to remove it eventually) to our local URI blacklist, and while there have been missed spams with t35.com subdomains, none have shown up in the list to be added to the blacklist since I did so. -kgd
Re: How to remove a domain from a stock or third-party 2tld ruleset?
On Wed, 2010-05-26 at 11:35 -0400, Kris Deugau wrote:
Is there any way to take a domain listed with util_rb_2tld, and
un-2tld it (similar to how you can unwhitelist stock whitelist entries
if they don't work well with your mail)?
IIRC this is not possible. Well, possible, but there's just no code to
handle it. ;)
I recently came across a free-subsite domain that seems to be part of
a cluster of **very** similar sites which I've given up listing
subdomains for locally; instead I've added the TLDs to a local blacklist.
For now I've just added a regular uri rule, but I'm pretty sure that
won't scale, and it doesn't help with some of the automation I've been
using to extract URIs not listed on any DNSBL yet from missed-spam reports.
uri rules should work. I wouldn't worry about scaling too much, because
the number of util_rb_2tld listings is limited.
Another approach, since I understand you want to query against a local
URI DNSBL, is simply to use wildcard DNS entries. Thus, regardless of a
2tld listing and the resulting DNS lookup, it would return the same
listing for the pure TLD and a second level TLD.
--
char *t=\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4;
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1:
(c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
Re: How to remove a domain from a stock or third-party 2tld ruleset?
Karsten Bräckelmann wrote: On Wed, 2010-05-26 at 11:35 -0400, Kris Deugau wrote: Is there any way to take a domain listed with util_rb_2tld, and un-2tld it (similar to how you can unwhitelist stock whitelist entries if they don't work well with your mail)? IIRC this is not possible. Well, possible, but there's just no code to handle it. ;) Didn't think so, but... I recently came across a free-subsite domain that seems to be part of a cluster of **very** similar sites which I've given up listing subdomains for locally; instead I've added the TLDs to a local blacklist. For now I've just added a regular uri rule, but I'm pretty sure that won't scale, and it doesn't help with some of the automation I've been using to extract URIs not listed on any DNSBL yet from missed-spam reports. uri rules should work. I wouldn't worry about scaling too much, because the number of util_rb_2tld listings is limited. Another approach, since I understand you want to query against a local URI DNSBL, is simply to use wildcard DNS entries. Thus, regardless of a 2tld listing and the resulting DNS lookup, it would return the same listing for the pure TLD and a second level TLD. Hmm. I hadn't thought of this, I'll give it a try and see if something chokes. Thanks! -kgd
Re: How to remove a domain from a stock or third-party 2tld ruleset?
On 2010-05-28 23:57, Kris Deugau wrote: Karsten Bräckelmann wrote: On Wed, 2010-05-26 at 11:35 -0400, Kris Deugau wrote: Is there any way to take a domain listed with util_rb_2tld, and un-2tld it (similar to how you can unwhitelist stock whitelist entries if they don't work well with your mail)? IIRC this is not possible. Well, possible, but there's just no code to handle it. ;) Didn't think so, but... I recently came across a free-subsite domain that seems to be part of a cluster of **very** similar sites which I've given up listing subdomains for locally; instead I've added the TLDs to a local blacklist. For now I've just added a regular uri rule, but I'm pretty sure that won't scale, and it doesn't help with some of the automation I've been using to extract URIs not listed on any DNSBL yet from missed-spam reports. uri rules should work. I wouldn't worry about scaling too much, because the number of util_rb_2tld listings is limited. Another approach, since I understand you want to query against a local URI DNSBL, is simply to use wildcard DNS entries. Thus, regardless of a 2tld listing and the resulting DNS lookup, it would return the same listing for the pure TLD and a second level TLD. Hmm. I hadn't thought of this, I'll give it a try and see if something chokes. Thanks! let me guess... .co.cc ?
How to remove a domain from a stock or third-party 2tld ruleset?
Is there any way to take a domain listed with util_rb_2tld, and un-2tld it (similar to how you can unwhitelist stock whitelist entries if they don't work well with your mail)? I recently came across a free-subsite domain that seems to be part of a cluster of **very** similar sites which I've given up listing subdomains for locally; instead I've added the TLDs to a local blacklist. The domain that's in the stock 2tld list is bravepages.com; it seems to be Yet Another Face of 0catch.com, and I've seen these domains as well: 1accesshost.com bigheadhosting.net easyfreehosting.com envy.nu digitalzones.com And no doubt there are a fairly long list of others in the cluster. For now I've just added a regular uri rule, but I'm pretty sure that won't scale, and it doesn't help with some of the automation I've been using to extract URIs not listed on any DNSBL yet from missed-spam reports. -kgd
