> >On 25.03.08 07:57, James Gray wrote: > >>Why are rules that look up against this list still in the base of > >>SpamAssassin?? The SORBS dynamic list is so poorly maintained that it's > >>practically useless
> Matus UHLAR - fantomas wrote: > >I don't find it useless. It works quite well On 26.03.08 08:23, James Gray wrote: > Unless you receive mail from any of our customers. Actually I don't - they are listed in SORBS DUL... > >>and if you are an unfortunate who ends up > >>incorrectly listed in it, good luck getting off it! > > > >it's mostly problem of bad DNS configuration. > > Completely RFC compliant DNS. The default TTL is the recommended 3600 > seconds for both forward and reverse. Apparently they want us to use > 14400 or something equally ludicrous...it's my DNS system, not theirs. while no RFC forces setting of a TTL, some of them advise values ~1 day or more for records that do not change that often. Having TTL 3600 for normal records imho indicates just what SORBS points out at. I wouldn't trust you too. > >>Case at hand, the > >>company I work for purchased a /19 address block directly from APNIC > >>before anyone else had it (IOW, we were the first users of that block). > >> > >>We now have both our external mail IP's listed in SORBS_DUL despite the > >>fact the /24 they belong to, and the /24's on either side have NEVER > >>been part of a dynamic pool. > > > >what are those IPs and their DNS records? > > Why? Can you remove them from the SORBS_DUL? No, then it's not really > relevant then is it ;) I was trying to help you find the real problem. If you don't want help, stop bitching. I have seen more requests here to stop using some blacklists because of the requestor was unable to understand something. I think this is just another case... > >> SORBS refuse to delist them as our MX > >>records are different to these outgoing mail servers! FFS - we run > >>managed services for a number of ISP's why the hell would we *want* to > >>munge all our inbound and outbound mail through the same IP's?!? > > > >did you try discussing this problem on SORBS mailing lists? > > No, we tried using their support system as per their website (which was > a tedious, time consuming wasted effort). If the forums/lists are how > they "do" support for these sort of problems, then IMHO it's even more > reason to deprecate the use of SORBS in the base SpamAssassin rules. If you tried using their support forum to delist IPs that did not meet their delisting criteria, I don't wonder if they reject it without providing (other) reason. > Sorbs sux, don't use it. Last time we had this problem they wanted > money (and not an insignificant amount either) to remove a listing from > their systems. They arbitrarily add addresses to a database the IP's > owner can't control, then demand money to remove the listing; where I > come from, that's called extortion. using sorbs is quite efficient, the scoress say it all. If you (and other ISP's DNS admins) were able to configure DNS properly, they would be even more efficient without false positives. -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759
