Hi Kevin,

It's been a while since I looked, but our spamassassin setup is using your
KAM.cf file:

As for the RBLs, I know we use some of it, and I indeed worked to fix dns
on the spamassassin cluster to not be blocked from the RBLs.

Unsure what the status now is of the spamassassin cluster though.

On Wed, Aug 9, 2017 at 7:20 AM, Kevin A. McGrail <kmcgr...@apache.org>

> Hi Infra,
> I wrote this email a few months ago and wanted to poke about the issue at 
> Greg's recommendation a week or so ago because some attention to it is 
> happening on the SA users' list.
> I love our dogwood policy at the ASF.  However, the SA installation is a bit 
> in need of help for ASF's implementation. Certain lists are awash
> with spam.
> There are two light lifts for your consideration:
> 1 - My firm maintains a ruleset called KAM.cf which we have published
> open source for a long time (Anyone know how long? Certainly previous
> iterations back to 1999).  Please consider adding it for the SA install
> at Apache.
> Wget it about once a day 
> https://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf
> 2 - Also, would like to know from your infra gnomes to use RBLs with
> your own rsync'd dataset.  Basic work:
> - Install rbldnsd (likely only source available, very stable, used by a
> LOT of major players) - lightweight DNS agent made for RBLs.
> - Setup rsync to our dataset which is wild.pccc.com
> - Setup the DNS servers the machine(s) you have running spamassassin to
> forward queries for wild.pccc.com to the IP for rbldnsd.
> - Add rules for our wild.pccc.com RBL.  NOTE: These rules were in use by
> MILLIONS of cPanel installations with very minimal issues but the sheer
> size of their installation overwhelmed us.
> - By getting this done, you will then have all the infrastructure
> necessary for other RBLs which I'll ask for free datafeeds.
> NOTE: I already use spam that gets through on SA lists to go into our
> queue for processing.  So it will have a real-time effect on ASF and we
> are a commercial service who understands FPs and not interrupting mail
> flow.
> Additionally, as pointed out on the SA Users Mailing List today, the known 
> issue that the ASF is exceeding free for some RBL queries is publicly being 
> discussed which could be considered a security concern: 
> https://lists.apache.org/thread.html/0ad12d5216122939ea8544601a5e87961ff8812e319cda78caf3bd8e@%3Cusers.spamassassin.apache.org%3E
> Regards, KAM
> --
> Kevin A. McGrail
> Asst. Treasurer & VP Fundraising, Apache Software Foundation
> Chair Emeritus Apache SpamAssassin Project

Reply via email to