On 23 Jan 2018, at 21:26 (-0500), David Jones wrote:
We could setup a 60_blacklist_from.cf file in the SA ruleset for
definite bad domains but that's probably not the best place to
maintain that. It really should be in major DBLs that SA already
knows to check.
+1
Unsurprisingly, running a derogatory reputation service is a toxic
quagmire that the Apache SpamAssassin Project should not dive into. I
have nothing but awe and respect for Steve Linford & his team at
Spamhaus, precisely because they have figured out how to survive while
publicly saying blatantly unflattering things about many people who have
little respect for law or basic human decency. Doing that requires human
and technical infrastructure that I would not expect the ASF or
independent benefactors to be able or willing to provide. IMHO it is
risky enough that we essentially bless a subset of a restricted class of
senders via the "default whitelist" subsystem and we don't need the
headache of distributing a list of "bad guys" that would need constant
diligent maintenance to avoid being de facto defamatory. After all,
domain registrations do expire and people do blindly re-register
"burner" domains that spammers have had their fill of and let expire.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Currently Seeking Steady Work: https://linkedin.com/in/billcole
