Re: policyd-weight feature request
On Thu, 10 Jan 2008, Robert Felber wrote: On Sun, Dec 23, 2007 at 06:23:11AM -0500, Justin Piszcz wrote: Hi, Was wondering if support for whitelists would be made available in policyd-weight? For example, see: http://www.dnswl.org/ I add it in here: 'list.dnswl.org',0.00,-5.0, 'DNSWL', change this to 'list.dnswl.org',-5.0,0, 'DNSWL', The first score is added if the RBL/DNSWL has hit, i.e. the client is listed. If the HIT score is greater than 0 it is treated as a RBL hit, if the score is less than 0 (eg: -1) it is treated as a DNSWL hit. But it still counts as a 'bad' RBL, is there any chance of making a whitelist section where if X number of whitelist RBLs include a certain IP -or- the value is less than X it is allowed? This then leads to a second question, perhaps one wants to place emphasis or weight upon the trust level: Per: http://www.dnswl.org/tech Trustworthiness / Score (127.0.x.Y): * 0 = none - only avoid outright blocking (eg Hotmail, Yahoo mailservers, -0.1) * 1 = low - reduce chance of false positives (-1.0) * 2 = medium - make sure to avoid false positives but allow override for clear cases (-10.0) * 3 = high - avoid override (-100.0). So it would need to be something like: list.dnswl.org ret=127.0.0.0 -5.0 list.dnswl.org ret=127.0.0.1 -3.0 Just an idea.. But the main request is a @whitelist for RBL's to help reduce false positives. Justin. Policyd-weight Mailinglist - http://www.policyd-weight.org/ -- Robert Felber (PGP: 896CF30B) Munich, Germany Policyd-weight Mailinglist - http://www.policyd-weight.org/ Ah!! Thanks! Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: policyd-weight feature request
On Sun, Dec 23, 2007 at 06:23:11AM -0500, Justin Piszcz wrote: > Hi, > > Was wondering if support for whitelists would be made available in > policyd-weight? > > For example, see: http://www.dnswl.org/ > > I add it in here: > > 'list.dnswl.org',0.00,-5.0, 'DNSWL', change this to 'list.dnswl.org',-5.0,0, 'DNSWL', The first score is added if the RBL/DNSWL has hit, i.e. the client is listed. If the HIT score is greater than 0 it is treated as a RBL hit, if the score is less than 0 (eg: -1) it is treated as a DNSWL hit. > But it still counts as a 'bad' RBL, is there any chance of making a whitelist > section where if X number of > whitelist RBLs include a certain IP -or- the value is less than X it is > allowed? > > This then leads to a second question, perhaps one wants to place emphasis or > weight upon the trust level: > > Per: http://www.dnswl.org/tech > > Trustworthiness / Score (127.0.x.Y): > > * 0 = none - only avoid outright blocking (eg Hotmail, Yahoo mailservers, > -0.1) > * 1 = low - reduce chance of false positives (-1.0) > * 2 = medium - make sure to avoid false positives but allow override for > clear cases (-10.0) > * 3 = high - avoid override (-100.0). > > So it would need to be something like: > > list.dnswl.org ret=127.0.0.0 -5.0 > list.dnswl.org ret=127.0.0.1 -3.0 > > > Just an idea.. But the main request is a @whitelist for RBL's to help reduce > false positives. > > Justin. > > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ -- Robert Felber (PGP: 896CF30B) Munich, Germany Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: policyd-weight feature request
* Henrik Krohns <[EMAIL PROTECTED]> [2007-12-23 14:08:41 +0200]: > On Sun, Dec 23, 2007 at 06:55:04AM -0500, Justin Piszcz wrote: > > > Yes but the reason I'd like it in policyd-weight instead of postfix is its > > not a good idea to explicitly allow/whitelist that many hosts, some of them > > are still spam, I got a spam yesterday from a host that was listed on that > > list, that is why I'd rather take the weight of all of the RBL's combined + > > the whitelist and hash it out. > > You are not whitelisting anything in a sense. Only preventing policyd-weight > from making unnecessary and potentially unsafe checks. If a message is > coming from a whitelisted host, you should be just doing a complete scan > with SpamAssassin. +1! -- Sahil Tandon <[EMAIL PROTECTED]> Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: policyd-weight feature request
On Sun, 23 Dec 2007, Henrik Krohns wrote: On Sun, Dec 23, 2007 at 06:23:34AM -0500, Justin Piszcz wrote: Hi, Was wondering if support for whitelists would be made available in policyd-weight? Of course you should just bypass whitelisted hosts with postfix tables so they don't get to policyd-weight at all. It doesn't have any checks that matter for "good" relays, SA should handle those. For those that insist on using policyd-weight, yeah maybe there could be some option to check dnswl (negative rbls) first and stop tests immediately at given level. Yes but the reason I'd like it in policyd-weight instead of postfix is its not a good idea to explicitly allow/whitelist that many hosts, some of them are still spam, I got a spam yesterday from a host that was listed on that list, that is why I'd rather take the weight of all of the RBL's combined + the whitelist and hash it out. Justin. Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: policyd-weight feature request
On Sun, 23 Dec 2007, Steve wrote: Original-Nachricht Datum: Sun, 23 Dec 2007 06:23:34 -0500 (EST) Von: Justin Piszcz <[EMAIL PROTECTED]> An: [email protected] Betreff: policyd-weight feature request Hi, Was wondering if support for whitelists would be made available in policyd-weight? For example, see: http://www.dnswl.org/ I add it in here: 'list.dnswl.org',0.00,-5.0, 'DNSWL', But it still counts as a 'bad' RBL, I had that issue some time ago. I wrote to Robert asking to only count as bad dnsbl if the rating added is positive. If a negative rating is added, then the bad dnsbl is not counted. I think that this is now the default way of calculating inside policyd-weight. What version are you using? 0.1.14 beta-12 currently. is there any chance of making a whitelist section where if X number of whitelist RBLs include a certain IP -or- the value is less than X it is allowed? This then leads to a second question, perhaps one wants to place emphasis or weight upon the trust level: Per: http://www.dnswl.org/tech Trustworthiness / Score (127.0.x.Y): * 0 = none - only avoid outright blocking (eg Hotmail, Yahoo mailservers, -0.1) * 1 = low - reduce chance of false positives (-1.0) * 2 = medium - make sure to avoid false positives but allow override for clear cases (-10.0) * 3 = high - avoid override (-100.0). So it would need to be something like: list.dnswl.org ret=127.0.0.0 -5.0 list.dnswl.org ret=127.0.0.1 -3.0 Just an idea.. But the main request is a @whitelist for RBL's to help reduce false positives. Justin. Steve Policyd-weight Mailinglist - http://www.policyd-weight.org/ -- Pt! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger?did=10 Policyd-weight Mailinglist - http://www.policyd-weight.org/
Re: policyd-weight feature request
Original-Nachricht > Datum: Sun, 23 Dec 2007 06:23:34 -0500 (EST) > Von: Justin Piszcz <[EMAIL PROTECTED]> > An: [email protected] > Betreff: policyd-weight feature request > Hi, > > Was wondering if support for whitelists would be made available in > policyd-weight? > > For example, see: http://www.dnswl.org/ > > I add it in here: > >'list.dnswl.org',0.00,-5.0, 'DNSWL', > > But it still counts as a 'bad' RBL, > I had that issue some time ago. I wrote to Robert asking to only count as bad dnsbl if the rating added is positive. If a negative rating is added, then the bad dnsbl is not counted. I think that this is now the default way of calculating inside policyd-weight. What version are you using? > is there any chance of making a > whitelist section where if X number of whitelist RBLs include a certain IP > -or- the value is less than X it is allowed? > > This then leads to a second question, perhaps one wants to place emphasis > or weight upon the trust level: > > Per: http://www.dnswl.org/tech > > Trustworthiness / Score (127.0.x.Y): > > * 0 = none - only avoid outright blocking (eg Hotmail, Yahoo > mailservers, -0.1) > * 1 = low - reduce chance of false positives (-1.0) > * 2 = medium - make sure to avoid false positives but allow override > for clear cases (-10.0) > * 3 = high - avoid override (-100.0). > > So it would need to be something like: > > list.dnswl.org ret=127.0.0.0 -5.0 > list.dnswl.org ret=127.0.0.1 -3.0 > > > Just an idea.. But the main request is a @whitelist for > RBL's to help reduce false positives. > > Justin. > Steve > > Policyd-weight Mailinglist - http://www.policyd-weight.org/ -- Pt! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger?did=10 Policyd-weight Mailinglist - http://www.policyd-weight.org/
policyd-weight feature request
Hi, Was wondering if support for whitelists would be made available in policyd-weight? For example, see: http://www.dnswl.org/ I add it in here: 'list.dnswl.org',0.00,-5.0, 'DNSWL', But it still counts as a 'bad' RBL, is there any chance of making a whitelist section where if X number of whitelist RBLs include a certain IP -or- the value is less than X it is allowed? This then leads to a second question, perhaps one wants to place emphasis or weight upon the trust level: Per: http://www.dnswl.org/tech Trustworthiness / Score (127.0.x.Y): * 0 = none - only avoid outright blocking (eg Hotmail, Yahoo mailservers, -0.1) * 1 = low - reduce chance of false positives (-1.0) * 2 = medium - make sure to avoid false positives but allow override for clear cases (-10.0) * 3 = high - avoid override (-100.0). So it would need to be something like: list.dnswl.org ret=127.0.0.0 -5.0 list.dnswl.org ret=127.0.0.1 -3.0 Just an idea.. But the main request is a @whitelist for RBL's to help reduce false positives. Justin. Policyd-weight Mailinglist - http://www.policyd-weight.org/
