On Tue, Oct 11, 2022 at 11:52:17AM +0200, Matus UHLAR - fantomas wrote:
> > On Sat, Oct 01, 2022 at 04:42:09PM +0200, Matus UHLAR - fantomas wrote:
> > > perhaps these all should replace _DKIMDOMAIN_  by _AUTHORDOMAIN_ and 
> > > AND-ed
> > > with DKIM_VALID_AU.
> > > 
> > > can these checks be made the way DNS queries are done only when
> > > DKIM_VALID_AU matches?
> > > 
> > > perhaps playing with priority
> 
> On 07.10.22 16:41, Henrik K wrote:
> > It's not possible to use priority with askdns.  The rule is launched then
> > the all dependent tags are set, nothing more, nothing less.
> 
> I see bug 7735 now and am curious if the cvhange only affects order of rule
> calling or calling them at all.

It has no relevance on rule order or calling.  It just affects when meta
rule result will be evaluated.

> So, if I make meta rule dependend on other rules:
> 
> meta          DOMAIN_IN_DNSWL_DWL     (DKIM_VALID_AU && __DOMAIN_IN_DNSWL_DWL)
> askdns                __DOMAIN_IN_DNSWL_DWL   _AUTHORDOMAIN_.dwl.dnswl.org TXT
> describe      __DOMAIN_IN_DNSWL_DWL   author domain is listed in dwl.dnswl.org
> 
> will __DOMAIN_IN_DNSWL_DWL always be called?

__DOMAIN_IN_DNSWL_DWL is a standalone askdns rule.  It does not know about
anything metas or stuff that depends on it, so yes it's always called. 
Network lookups are generally always launched at the start of the scan
(priority -100 to be exact), and results are checked later on when answer
arrives.  If you are hoping to prevent unnecessary DNS query, it's not
possible.

Reply via email to