> It is not very difficult. But it is difficult (costly, to be > more precise, in terms of making very careful changes to the > code and determining performance changes) to change it to an > unlimited number of entries. So we need to decide how > important such a change is, the maximum value we can see our > customers using in the near future, and the effect of any > extra memory allocation.
Ok, I can understand this. > What happens here is that if we say "OK, this is a good use > of the IPBYPASS feature", there are going to be people who > use it like whitelisting, and want to enter hundreds or > thousands of IPs. What's wrong with it? It's their decision. Or not? > Then if you do not use the IPBYPASS option, and an E-mail > comes from one of those IPs, Declude JunkMail will still scan > the next hop (which is what you are getting with IPBYPASS). ? Doesn't mean HOPHIGH=1 that declude should scan two IPs? The first (connecting) one and -if present- the IP before. So I will accumulate in any case the (in my eyes false positive) points for this two IP blocks. > Perhaps a filter that checks the reverse DNS entry, such as > "REVDNS -10 CONTAINS .example.com"? For sure: This will work. But as I understand this will have the same result as with IP counterweights: The counterweight is static and I have to adapt manualy the changing listings of IP blacklists. Today this IP-blocks (or REVDNS names) are listed in only two blacklists. Tomorrow they can be listed in 8 or 10 blacklists and my static counterweight is far too low. This is also the reason why I've asked some weeks ago if it would be possible to query http://www.dnsstuff.com/tools/ip4r.ch by specifiing my own filter-list of IP blacklists (that I currently use in my cfg file). So it would be much much easier to check manualy what's the actual situation and what counterweight I have to assign. "Better" would be if I can post the ip4r- and rhbl-part of my filter file and the spam database lookup script would calculate and return "my personal result". "Amazing" would be if I'm able to BYPASS certain IP ranges. That give me the possibility to use any external IP blacklist and if I have the opinion that certain IP-ranges in their list are "wrong" then I can simply bypass them. I know: The problem are the ISPs that are not able to get permanently out of the blacklists. But what should I do? Call them and explain what they should do? I think we all are using declude because we have decided to go in a defensive position and fight spam. If I really want to persuade ignorant mailserver admins (and maybe also spammers) then it would be better to become a preacher... ;-) Markus --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.