Am 06.07.2016 um 14:36 schrieb RW:
On Tue, 5 Jul 2016 14:01:17 +0200 Reindl Harald wrote:since there is a local unbound-cache with cache-min-ttl: 300
thanks for the hint, but look at https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7335#c8reduce the value would make the problem even worser because what i observe is that after TTL is reached and unbound needs to query again the at least first question leads to a negativeresult in spamassassin while the next cache hit correctly has URIBL_BLACK again
so at the moment there is a tradeoff between get new domains fast enough and don't miss already known hits *and* that also affects SPF and so whitelist_auth in a bad way
You might want to review that. From http://uribl.com July 8, 2015: Reduction in list time latency The spam trend of late has been to use short lived, high-volume campaigns in order to capitalize on the reactive nature of blacklist services. In the past, it could take up to 4 minutes for us to identify, list, rebuild, and syncronize the update. Recent campaigns we have investigated have sent 80-90% of their payload within 3 minutes. Because of this, we have made a handful of enhancements to improve our identification speed and reduce the list time latency. As a result, we have reduced identification times by up to 100 seconds for new spam campaigns, by improving the speed at which we deliver live query data into our system. All users should see immediate results from these changes.
signature.asc
Description: OpenPGP digital signature