Re: [courier-users] RBL answers
David Niklas writes: On Fri, 24 Mar 2017 16:41:35 -0400 Sam Varshavchik wrote: > > I think they're smart enough to understand how DNS works. I don't need > to tell them that. > > I can't quite put my finger on why exactly I believe that this would be > a waste of energy, trying to fight it. Call it a sixth sense, of sorts, > of me being involved in this industry for a while. If I brought the matter before them referencing this thread would you mind? (Not that I don't have better things to do but it's worth a try...) Feel free. This is a public mailing list. I always thought that it was quite silly for anyone on a public mailing list, that's probably archived and searchable in a bunch of places, to have some kind of an issue with their public scribblings being forwarded all over the place. pgpZLSQjf6heo.pgp Description: PGP signature -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
On Fri, 24 Mar 2017 16:41:35 -0400 Sam Varshavchik wrote: > David Niklas writes: > > > On 03/10/2017(Fri) 15:35 > > > That's the other thing that the blacklists definitely don't want: > > > excessi ve queries. Making two queries instead of one will put extra > > > load on the blacklists, and slow down your mail delivery. > > Well isn't that what they want, two quires instead of one? > > No. From the looks of it, they want either an A or a TXT query. > > > > That's why I think that getting rid of ANY is counter-productive. > > > But, it 's their call to make, so we'll go with that. > > Why not tell them that courier has a valid use case for the ANY > > query? > > I think they're smart enough to understand how DNS works. I don't need > to tell them that. > > I can't quite put my finger on why exactly I believe that this would be > a waste of energy, trying to fight it. Call it a sixth sense, of sorts, > of me being involved in this industry for a while. If I brought the matter before them referencing this thread would you mind? (Not that I don't have better things to do but it's worth a try...) Thanks, David -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
David Niklas writes: On 03/10/2017(Fri) 15:35 > That's the other thing that the blacklists definitely don't want: > excessi ve queries. Making two queries instead of one will put extra > load on the blacklists, and slow down your mail delivery. Well isn't that what they want, two quires instead of one? No. From the looks of it, they want either an A or a TXT query. > That's why I think that getting rid of ANY is counter-productive. But, > it 's their call to make, so we'll go with that. Why not tell them that courier has a valid use case for the ANY query? I think they're smart enough to understand how DNS works. I don't need to tell them that. I can't quite put my finger on why exactly I believe that this would be a waste of energy, trying to fight it. Call it a sixth sense, of sorts, of me being involved in this industry for a while. pgpkOv8TlGNkS.pgp Description: PGP signature -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
>On 03/10/2017(Fri) 15:35 >Sam Varshavchik wrote: >> SZÉPE Viktor writes: >> >> > Idézem/Quoting Sam Varshavchik : >> > >> > > In the long run this will be counterproductive, since the existing >> > > blacklists will now result in a generic "Access denied." bounces, >> > > instead of the blacklist-provided message that will point back to >> > > the blacklist. But, it's their decision to make. >> > >> > I think Courier should issue an A query and if it is positive than a >> > TXT one to get the description. >> > >> > What do you think about it? >> >> That's the other thing that the blacklists definitely don't want: >> excessi ve queries. Making two queries instead of one will put extra >> load on the blacklists, and slow down your mail delivery. >Well isn't that what they want, two quires instead of one? > >> That's why I think that getting rid of ANY is counter-productive. But, >> it 's their call to make, so we'll go with that. On 24.03.17 16:09, David Niklas wrote: >Why not tell them that courier has a valid use case for the ANY query? why do you think they would listen? They need to learn the hard way... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Emacs is a complicated operating system without good text editor. -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
On 03/10/2017(Fri) 15:35 Sam Varshavchik wrote: > SZÉPE Viktor writes: > > > Idézem/Quoting Sam Varshavchik : > > > > > In the long run this will be counterproductive, since the existing > > > blacklists will now result in a generic "Access denied." bounces, > > > instead of the blacklist-provided message that will point back to > > > the blacklist. But, it's their decision to make. > > > > I think Courier should issue an A query and if it is positive than a > > TXT one to get the description. > > > > What do you think about it? > > That's the other thing that the blacklists definitely don't want: > excessi ve queries. Making two queries instead of one will put extra > load on the blacklists, and slow down your mail delivery. Well isn't that what they want, two quires instead of one? > That's why I think that getting rid of ANY is counter-productive. But, > it 's their call to make, so we'll go with that. Why not tell them that courier has a valid use case for the ANY query? Thanks, David -- Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
Matus UHLAR - fantomas writes: >Is it worth considering A and TXT record lookups rather than ANY, given >the request to stop sending requests for ANY result? Might that request >indicate that requests for ANY will not be supported in the future? I got angry in the past at cloudflare for the stupid draft and already blocked a domain using their DNS because of that. I agree that this is somewhat dumb, and stupid. I understand the underlying technical factors. But it's still dumb, and stupid. Things have been working just fine, as is, for decades, with those same technical factors being present and everyone simply ignoring them. Nobody cares. This is nothing more than some pointy-headed academician, or a bunch of them, suddenly figuring out the problem with ANY that nobody cared about, ever, and thinks that he is the first one, ever, to figure it out, and this is nothing more than a public demonstration of how smart these boneheads, who are pushing for this, are. Because, see, they're smarter than everyone else, for figuring out this horrible flaw in DNS's design. But this is a battle that I cannot win. There will come a point that the blacklist operators will realize their short-sightedness in backing this idiocy. But, by that point, there will be nothing that they will be able to do about it. The cat's already out of the bag. pgpi_Z_v1ew9s.pgp Description: PGP signature -- Announcing the Oxford Dictionaries API! The API offers world-renowned dictionary content that is easy and intuitive to access. Sign up for an account today to start using our lexical data to power your apps and projects. Get started today and enter our developer competition. http://sdm.link/oxford___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
On 10.03.17 10:51, Gordon Messmer wrote: >I was checking the RBL queries and answers on a server this morning, >when I noticed this in the responses: > Please stop asking for ANY.See draft-ietf-dnsop-refuse-any > >Both spamhaus and abuseat provide this text in their replies to >Courier's RBL lookups. I have checked spamhaus now, and it returns: ;; QUESTION SECTION: ;242.241.43.39.zen.spamhaus.org.IN ANY ;; ANSWER SECTION: 242.241.43.39.zen.spamhaus.org. 900 IN TXT "https://www.spamhaus.org/query/ip/39.43.241.242"; 242.241.43.39.zen.spamhaus.org. 900 IN A 127.0.0.11 242.241.43.39.zen.spamhaus.org. 900 IN A 127.0.0.4 >Is it worth considering A and TXT record lookups rather than ANY, given >the request to stop sending requests for ANY result? Might that request >indicate that requests for ANY will not be supported in the future? I got angry in the past at cloudflare for the stupid draft and already blocked a domain using their DNS because of that. I really think I should publish "digany" script that will dig for any supported RRs so I _will_ be able to look at all configured records, if anyone's so stupid to disable ANY queries... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Windows found: (R)emove, (E)rase, (D)elete -- Announcing the Oxford Dictionaries API! The API offers world-renowned dictionary content that is easy and intuitive to access. Sign up for an account today to start using our lexical data to power your apps and projects. Get started today and enter our developer competition. http://sdm.link/oxford ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
On Fri 10/Mar/2017 21:00:23 +0100 SZÉPE Viktor wrote: > Idézem/Quoting Sam Varshavchik : >> Gordon Messmer writes: >> >>> I was checking the RBL queries and answers on a server this morning, >>> when I noticed this in the responses: >>> Please stop asking for ANY.See draft-ietf-dnsop-refuse-any >> >> Right now you can explicitly specify a message, to issue an A query: >> >> "-block=zen.spamhaus.org,Go away!" > > I think Courier should issue an A query and if it is positive than a > TXT one to get the description. > > What do you think about it? Rather than "Go away!" one can refer to the RBL, e.g. something like: "-block=zen.spamhaus.org,BLOCK1,\"550 Rejected - see http://www.spamhaus.org/query/bl?ip=@\""; (I copied the line above from my current settings. Check http://www.courier-mta.org/couriertcpd.html#idm255210649136) Couriertcpd replaces @ by IP; I guess that needs to be better documented. hth Ale -- -- Announcing the Oxford Dictionaries API! The API offers world-renowned dictionary content that is easy and intuitive to access. Sign up for an account today to start using our lexical data to power your apps and projects. Get started today and enter our developer competition. http://sdm.link/oxford ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
SZÉPE Viktor writes: Idézem/Quoting Sam Varshavchik : > In the long run this will be counterproductive, since the existing > blacklists will now result in a generic "Access denied." bounces, > instead of the blacklist-provided message that will point back to > the blacklist. But, it's their decision to make. I think Courier should issue an A query and if it is positive than a TXT one to get the description. What do you think about it? That's the other thing that the blacklists definitely don't want: excessive queries. Making two queries instead of one will put extra load on the blacklists, and slow down your mail delivery. That's why I think that getting rid of ANY is counter-productive. But, it's their call to make, so we'll go with that. pgp22qgBGRjND.pgp Description: PGP signature -- Announcing the Oxford Dictionaries API! The API offers world-renowned dictionary content that is easy and intuitive to access. Sign up for an account today to start using our lexical data to power your apps and projects. Get started today and enter our developer competition. http://sdm.link/oxford___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
Idézem/Quoting Sam Varshavchik : > Gordon Messmer writes: > >> I was checking the RBL queries and answers on a server this morning, >> when I noticed this in the responses: >> Please stop asking for ANY.See draft-ietf-dnsop-refuse-any >> >> Both spamhaus and abuseat provide this text in their replies to >> Courier's RBL lookups. >> >> Is it worth considering A and TXT record lookups rather than ANY, given >> the request to stop sending requests for ANY result? Might that request >> indicate that requests for ANY will not be supported in the future? > > Right now you can explicitly specify a message, to issue an A query: > > "-block=zen.spamhaus.org,Go away!" > > and this will result in an A query instead of an ANY. > > ANY was a convenient way to get both an IP address code from the > blocklist, as well as the blacklist-provided custom message. > > The referenced document is a general DNS document, not particular to > blacklists. But, because they're returning this response, this means > they're on board with this, and don't want ANY requests. Have to > respect that. > > I'll change the logic to always request for A record, unless the > custom message is explicitly set to '*', which will result in a TXT > query. > > In the long run this will be counterproductive, since the existing > blacklists will now result in a generic "Access denied." bounces, > instead of the blacklist-provided message that will point back to > the blacklist. But, it's their decision to make. I think Courier should issue an A query and if it is positive than a TXT one to get the description. What do you think about it? SZÉPE Viktor https://github.com/szepeviktor/debian-server-tools/blob/master/CV.md -- +36-20-4242498 s...@szepe.net skype: szepe.viktor Budapest, III. kerület -- Announcing the Oxford Dictionaries API! The API offers world-renowned dictionary content that is easy and intuitive to access. Sign up for an account today to start using our lexical data to power your apps and projects. Get started today and enter our developer competition. http://sdm.link/oxford ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
Gordon Messmer writes: I was checking the RBL queries and answers on a server this morning, when I noticed this in the responses: Please stop asking for ANY.See draft-ietf-dnsop-refuse-any Both spamhaus and abuseat provide this text in their replies to Courier's RBL lookups. Is it worth considering A and TXT record lookups rather than ANY, given the request to stop sending requests for ANY result? Might that request indicate that requests for ANY will not be supported in the future? Right now you can explicitly specify a message, to issue an A query: "-block=zen.spamhaus.org,Go away!" and this will result in an A query instead of an ANY. ANY was a convenient way to get both an IP address code from the blocklist, as well as the blacklist-provided custom message. The referenced document is a general DNS document, not particular to blacklists. But, because they're returning this response, this means they're on board with this, and don't want ANY requests. Have to respect that. I'll change the logic to always request for A record, unless the custom message is explicitly set to '*', which will result in a TXT query. In the long run this will be counterproductive, since the existing blacklists will now result in a generic "Access denied." bounces, instead of the blacklist-provided message that will point back to the blacklist. But, it's their decision to make. pgp7NNXww7zjl.pgp Description: PGP signature -- Announcing the Oxford Dictionaries API! The API offers world-renowned dictionary content that is easy and intuitive to access. Sign up for an account today to start using our lexical data to power your apps and projects. Get started today and enter our developer competition. http://sdm.link/oxford___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
On 03/10/2017 11:00 AM, SZÉPE Viktor wrote: > CloudFlare is also retiring ANY queries. > > https://blog.cloudflare.com/deprecating-dns-any-meta-query-type/ "We aware of only two programs that issue ANY queries: Un-patched versions qmaild..." I laughed at that one. :) -- Announcing the Oxford Dictionaries API! The API offers world-renowned dictionary content that is easy and intuitive to access. Sign up for an account today to start using our lexical data to power your apps and projects. Get started today and enter our developer competition. http://sdm.link/oxford ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] RBL answers
CloudFlare is also retiring ANY queries. https://blog.cloudflare.com/deprecating-dns-any-meta-query-type/ Idézem/Quoting Gordon Messmer : > I was checking the RBL queries and answers on a server this morning, > when I noticed this in the responses: > Please stop asking for ANY.See draft-ietf-dnsop-refuse-any > > Both spamhaus and abuseat provide this text in their replies to > Courier's RBL lookups. > > Is it worth considering A and TXT record lookups rather than ANY, given > the request to stop sending requests for ANY result? Might that request > indicate that requests for ANY will not be supported in the future? > > -- > Announcing the Oxford Dictionaries API! The API offers world-renowned > dictionary content that is easy and intuitive to access. Sign up for an > account today to start using our lexical data to power your apps and > projects. Get started today and enter our developer competition. > http://sdm.link/oxford > ___ > courier-users mailing list > courier-users@lists.sourceforge.net > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users SZÉPE Viktor https://github.com/szepeviktor/debian-server-tools/blob/master/CV.md -- +36-20-4242498 s...@szepe.net skype: szepe.viktor Budapest, III. kerület -- Announcing the Oxford Dictionaries API! The API offers world-renowned dictionary content that is easy and intuitive to access. Sign up for an account today to start using our lexical data to power your apps and projects. Get started today and enter our developer competition. http://sdm.link/oxford ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
