Hi! a)
== 442 Connection from $IP temporarily refused, host listed by $LIST == Both: { RBLError URIBLError } to this AvError in case, when in ASSP installation used special ClavAV .DB with spam messages signatures b) IMHO, best _allow_ set RBLError ( and Co) a-la RBLError:=442 4.2.2 DNS Blacklisted by RBLLISTED ( Default settings: RBLError:=554 5.7.1 DNS Blacklisted by RBLLISTED ) and if RBLError contain 4XX do " emit a "tempfail" " Best regards, Victor Miasnikov Blog: http://vvm.blog.tut.by/ ----- Original Message ----- From: "Thomas Eckardt" <thomas.ecka...@thockar.com> To: "ASSP development mailing list" <assp-test@lists.sourceforge.net> Sent: Tuesday, September 04, 2012 8:03 PM Subject: [Assp-test] Antwort: DNSBL reject msg... RBLError AvError ÜRIBLError ??? ..... Thomas Von: Grayhat <gray...@gmx.net> An: assp-test@lists.sourceforge.net, Datum: 04.09.2012 17:20 Betreff: [Assp-test] DNSBL reject msg... I've been reading some stuff and found that there are pros and cons to what I'm suggesting... let me go straight to the ball; at the moment, if ASSP uses DNS blacklists (or URIBLs for that) and if an IP (or URL or domain) is listed (or at least the list score goes "over limit") the result is a 5xx reject message; fine, but what about adding an option so that, instead of emitting a reject, ASSP could emit a "tempfail", that is, something like (e.g.) 442 Connection from $IP temporarily refused, host listed by $LIST this way, even if using "aggressive" lists, a given message won't be directly rejected but just delayed and, if the sending MTA retries (and if our "aggressive list" suddenly removes the IP - e.g. false positive cases), the mail won't be lost in outer space but just delayed; I know, you may object that this may possibly cause some additional load to the box running ASSP, but consider that spambots almost *ignore* the SMTP result code, so at all effects, adopting such an option would slightly help getting mail from "good hosts" which, for a reason or another got listed by some DNS blacklist; I think that adding such an option to ASSP (and again, an OPTION, not a default behaviour) may be useful. thoughts ? ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test