Re: Problem with sa-blacklist
Michael Monnerie wrote: I can't reach Bill Stearns, so I try at this list: Dear Bill, I'm using the sa-blacklist.reject for postfix since a long time, but these last days your rsync doesn't work anymore: rsync: failed to connect to rsync.sa-blacklist.stearns.org: Connection timed out (110) So I had a look if something changed on http://www.sa-blacklist.stearns.org/sa-blacklist/ but obviously the information there is quite old: If I download the sa- blacklist.current.reject, it has a version of April: 200904171539 while my last rsync version is 200910142031 Any chance for a fix? mfg zmi SA-blacklist and sa-blacklist-uri are both dead as far as use within SpamAssassin goes. Although someone updated it in 2009, for all practical purposes it's use as a SA ruleset has been dead (or at least dying) since 2004. (when the WS sub-list of surbl.org was created) While it was an interesting case study, but it is *VERY* inefficient, and will kill most servers. Any use of it should be restricted to research purposes only (i.e.: reading the list manually to study patterns in emerging spam domains). It is too heavyweight to use under SpamAssassin. The plain sa-blacklist was not very effective, and consumed lots of memory (750MB per spamd instance?). This list worked on the From: address of the message, which spammers recycle very quickly. This means lots of addresses, a huge list, and very low hitrate due to low re-use. Plain and simple waste of memory to use it under SA. (although manually looking at the list does have some uses... as noted above..) The URI version has become the WS list over on surbl. This version had better hitrates, but the very large list consumed large amounts of memory too. Also, searching this huge list as a large number regular expressions is so computationally intensive that most systems can complete a DNS lookup against surbl.org before the regexes finish running. It is not unheard of for this ruleset to add 10 or more seconds to message processing, in addition to the over 1 gig of ram it consumes. Sure a more recent server with more CPU beef and fast ram could probably complete it in 3 seconds or so, but that is still slower than a DNS lookup. Most admins are not willing to devote several gigs of ram just for their SpamAssassin instances. I doubt you are either, so please don't use sa-blacklist. Unless you're looking to use it as a data set for analysis purposes, it is dead, and has been for a long time. The valuable parts have evolved into parts of SURBL, which is already in SpamAssassin, unless you're dealing with a version that is over 4 years old.
Re: Problem with sa-blacklist
On Samstag, 21. November 2009 Matt Kettler wrote: SA-blacklist and sa-blacklist-uri are both dead as far as use within SpamAssassin goes. Thank you for your answer, Matt. I have to apologize, I forgot to mention that I do not use that list in SA, for the reasons you listed. Instead, I used the postfix blacklist version of it, for a simple blacklist. Is there any replacement for it? mfg zmi -- // Michael Monnerie, Ing.BSc- http://it-management.at // Tel: 0660 / 415 65 31 .network.your.ideas. // PGP Key: curl -s http://zmi.at/zmi.asc | gpg --import // Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4 // Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4 signature.asc Description: This is a digitally signed message part.
Problem with sa-blacklist
I can't reach Bill Stearns, so I try at this list: Dear Bill, I'm using the sa-blacklist.reject for postfix since a long time, but these last days your rsync doesn't work anymore: rsync: failed to connect to rsync.sa-blacklist.stearns.org: Connection timed out (110) So I had a look if something changed on http://www.sa-blacklist.stearns.org/sa-blacklist/ but obviously the information there is quite old: If I download the sa- blacklist.current.reject, it has a version of April: 200904171539 while my last rsync version is 200910142031 Any chance for a fix? mfg zmi -- // Michael Monnerie, Ing.BSc- http://it-management.at // Tel: 0660 / 415 65 31 .network.your.ideas. // PGP Key: curl -s http://zmi.at/zmi.asc | gpg --import // Fingerprint: AC19 F9D5 36ED CD8A EF38 500E CE14 91F7 1C12 09B4 // Keyserver: wwwkeys.eu.pgp.net Key-ID: 1C1209B4
Re: Problem with sa-blacklist
On 20.11.09 12:47, Michael Monnerie wrote: I can't reach Bill Stearns, so I try at this list: Dear Bill, I'm using the sa-blacklist.reject for postfix since a long time, but these last days your rsync doesn't work anymore: rsync: failed to connect to rsync.sa-blacklist.stearns.org: Connection timed out (110) do you use it at postfix level as regex filter? So I had a look if something changed on http://www.sa-blacklist.stearns.org/sa-blacklist/ but obviously the information there is quite old: If I download the sa- blacklist.current.reject, it has a version of April: 200904171539 while my last rsync version is 200910142031 Any chance for a fix? what about using URIBL/SURBL (or full SA with them) instead? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Saving Private Ryan... Private Ryan exists. Overwrite? (Y/N)
