On Tue, 2008-09-16 at 20:12 +0200, mouss wrote: > Marc Perkel wrote: > > Looking from opinions from people running rbl blacklists. > > > > I have a list that contains a lot of name based information. I'm about > > to add a lot more information to the list and what will happen is that > > when you look up a name you might get several results. For example, a > > hostname might be blacklisted, be in a URIBL list, be in a day old bread > > list, and a NOT QUIT list. So it might return 4 results like 127.0.0.2, > > 127.0.0.6, 127.0.0.7, 127.0.0.8. > > > > Is this what would be considered "best practice". My thinking is that > > having one list that returns everything is very efficient. > > > > Thoughts? > > returning multiple results is easier to manage (you can point to a > single dns entry and have a single TXT record) and to parse. for > example, I could do (in postfix): > > check_rbl_client mark.example=127.0.0.3 > warn_if_reject check_rbl_client mark.example=127.0.0.4 > check_rbl_client mark.example > > some people use bitmasks instead. but this is harder to parse/implement. > > after all, spamhaus, sorbs, spamcop, .. don't use bitmasks.
True, but uribl and surbl do. SpamAssassin makes it easy to use that syntax. I doubt I would use Marc's list as a postfix death penalty, but it's conceivable it might garner a point or two towards a SpamAssassin score. -- Daniel J McDonald, CCIE #2495, CISSP #78281, CNX Austin Energy http://www.austinenergy.com
signature.asc
Description: This is a digitally signed message part