Tue, 15 Mar 2016 12:52:06 -0400 Michael McConville <[email protected]>
> Stuart Henderson wrote:
> > On 2016/03/15 12:55, Craig Skinner wrote:  
> > > There are a few more paid rsync lists here:
> > > http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists  
> > 
> > Ah that is a useful page. Maybe we could list it, e.g.
> > 
> > Index: spamd.conf
> > ===================================================================
> > RCS file: /cvs/src/etc/mail/spamd.conf,v
> > retrieving revision 1.5
> > diff -u -p -r1.5 spamd.conf
> > --- spamd.conf      14 Mar 2016 21:36:52 -0000      1.5
> > +++ spamd.conf      15 Mar 2016 13:27:04 -0000
> > @@ -13,8 +13,10 @@
> >  # Lists specified with the :white: capability apply to the previous
> >  # list with a :black: capability.
> >  #
> > -# As of November 2004, a place to search for blacklists is
> > -#     http://spamlinks.net/filter-bl.htm
> > +# As of March 2016, a place to search for blacklists is
> > +#     http://en.wikipedia.org/wiki/Comparison_of_DNS_blacklists
> > +# - most of these are DNS-based only and cannot be used with spamd(8),
> > +# but some of the lists also provide access to text files via rsync.
> >  
> >  all:\
> >     :uatraps:nixspam:  
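Review bot: the two added comment lines beginning "# - most of these are DNS-based only" open with a dash that reads like a dangling list item after the URL line; a plain sentence ("Most of these are DNS-based only and cannot be used with spamd(8), but ...") would read better. The comment also says some lists offer text files via rsync without saying how a fetched file is then used, so a pointer to spamd.conf(5) for configuring a list from a local file would help the reader who follows the link.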
> 
> ok mmcc@
> 
> > > Generally, everything has changed from file feeds to DNS.  
> > 
> > Yep, because for the more actively maintained ones 1) new entries show
> > up more quickly than any sane rsync interval, this is quite important
> > for good blocking these days 2) DNS is less resource intensive and more
> > easily distributed than rsync, and 3) importantly for the rbl providers,
> > it gives additional input to them about new mail sources (if an rbl
> > suddenly starts seeing queries from all over the world for a previously
> > unseen address, it's probably worth investigation - I am sure this is
> > why some of the commercial antispam operators provide free DNS-based
> > lookups for smaller orgs).
> > 
> > A more flexible approach would be to skip the PF table integration
> > completely and do DNS lookups in spamd (or, uh, relayd, or something
> > new) and based on that it could choose whether to tarpit, greylist or
> > transparent-forward the connection to the real mail server. This
> > would also give a way to use dnswl.org's whitelist to avoid greylisting
> > for those hosts where it just doesn't work well (gmail, office365 etc).  
> 
> Interesting, I didn't even know that rsync blacklists existed. That was
> the cause for confusion about Spamhaus's price earlier.

A list is a flat data file, which is text, word / line oriented.  The
DNS transport for this is incomprehensible even on hard attempt at it.
Records, routes, filters, zones, regions, are text, should be carried
by all means using text interfaces.  No matter word, line or region at
a time.

What's going on with the BGP as a transport then, is it available to
the general public?  Must be much better than the fubar DNS.  Nackts
thing and we'd be attempting carping on tunnelled over DNS syndrome.

Constructively, it's all about money extortion when it comes to email
malpractice, nobody wants to stop spam except a handful of idealists,
so resource lists are another financial abstraction to allow only the
good, much worthier spam you actually need to reach your mailbox.

> Would it make sense to enable a blacklist or two by default in spamd?
> They seem to be an effectively necessary part of a sane mail server
> configuration these days.

Commercial interests are best avoided by peer review.  So, why not
enable OpenBSD's own block list then?  It would just take a few mythic
man years to maintain.  Hm, never thought of it this way, scratch it.
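
The lookup-then-decide approach described in Stuart Henderson's quoted text (DNS lookups choosing between tarpit, greylist and transparent forward), sketched as an added example that is not code from this thread or from spamd. The function names, the `resolve` callback, the sample answers and the blocklist zone `dnsbl.example.org` are assumptions; `list.dnswl.org` is assumed to be the query zone for the dnswl.org whitelist named above.

```python
import ipaddress

WHITELIST_ZONE = "list.dnswl.org"     # assumed zone for dnswl.org
BLACKLIST_ZONE = "dnsbl.example.org"  # placeholder, not a real list
LISTED_NET = ipaddress.ip_network("127.0.0.0/8")


def query_name(ip, zone):
    """Build the DNS list query name: reversed address labels plus the zone."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        labels = str(addr).split(".")          # octets
    else:
        labels = list(addr.exploded.replace(":", ""))  # 32 hex nibbles
    return ".".join(reversed(labels)) + "." + zone


def is_listed(ip, zone, resolve):
    """resolve(name) returns A-record strings, or [] for NXDOMAIN.

    Only answers inside 127.0.0.0/8 count as a listing, so a resolver that
    rewrites NXDOMAIN to a search page does not mark every host as listed.
    """
    answers = resolve(query_name(ip, zone))
    return any(ipaddress.ip_address(a) in LISTED_NET for a in answers)


def classify(ip, resolve):
    """Whitelist first so known-good senders skip greylisting entirely."""
    if is_listed(ip, WHITELIST_ZONE, resolve):
        return "forward"
    if is_listed(ip, BLACKLIST_ZONE, resolve):
        return "tarpit"
    return "greylist"


# Constructed sample answers standing in for real DNS responses.
SAMPLE_DNS = {
    "10.2.0.192.dnsbl.example.org": ["127.0.0.2"],
    "20.2.0.192.list.dnswl.org": ["127.0.5.0"],
    "30.2.0.192.dnsbl.example.org": ["203.0.113.1"],  # hijacked NXDOMAIN
}


def sample_resolve(name):
    return SAMPLE_DNS.get(name, [])


if __name__ == "__main__":
    for host in ("192.0.2.10", "192.0.2.20", "192.0.2.30", "192.0.2.40"):
        print(host, classify(host, sample_resolve))
```
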
