On Tue, Oct 11, 2022 at 11:52:17AM +0200, Matus UHLAR - fantomas wrote: > > On Sat, Oct 01, 2022 at 04:42:09PM +0200, Matus UHLAR - fantomas wrote: > > > perhaps these all should replace _DKIMDOMAIN_ by _AUTHORDOMAIN_ and > > > AND-ed > > > with DKIM_VALID_AU. > > > > > > can these checks be made the way DNS queries are done only when > > > DKIM_VALID_AU matches? > > > > > > perhaps playing with priority > > On 07.10.22 16:41, Henrik K wrote: > > It's not possible to use priority with askdns. The rule is launched then > > the all dependent tags are set, nothing more, nothing less. > > I see bug 7735 now and am curious if the cvhange only affects order of rule > calling or calling them at all.
It has no relevance on rule order or calling. It just affects when meta rule result will be evaluated. > So, if I make meta rule dependend on other rules: > > meta DOMAIN_IN_DNSWL_DWL (DKIM_VALID_AU && __DOMAIN_IN_DNSWL_DWL) > askdns __DOMAIN_IN_DNSWL_DWL _AUTHORDOMAIN_.dwl.dnswl.org TXT > describe __DOMAIN_IN_DNSWL_DWL author domain is listed in dwl.dnswl.org > > will __DOMAIN_IN_DNSWL_DWL always be called? __DOMAIN_IN_DNSWL_DWL is a standalone askdns rule. It does not know about anything metas or stuff that depends on it, so yes it's always called. Network lookups are generally always launched at the start of the scan (priority -100 to be exact), and results are checked later on when answer arrives. If you are hoping to prevent unnecessary DNS query, it's not possible.