We currently have this auto-publishing of rules from sandbox to sa-update,
based on how well they do in some automated testing. The thing about
URIBL_RHS_URIBL_BLACK (which is a test rule) made me think, though --
should we modify this to require a more explicit sign-off for the rules
that we want published?
We can already do this (labouriously) by adding "tflags nopublish" to
every rule, or renaming them to have the T_ prefix. What I'm thinking
though, is that rules in sandboxes be implicitly considered "nopublish"
for sa-update use, unless *explicitly* marked "publish".
This would be in addition to the automated testing step, too. In other
words, a rule would have to:
- be in rulesrc/sandbox/whoever/foo.cf
- not named T_SOMETHING
- be listed with "tflags publish"
- pass the QA freqs thresholds
to make it into sa-update.
This was we wouldn't get test rules like URIBL_RHS_URIBL_BLACK (which
seemingly had good enough freqs to be published) getting into updates;
whereas when we write new rules that *are* intended for updates (assuming
they work and catch enough spam), they'll get published easily.
I think that should cut down on the danger of test rules getting
published when we don't want that to happen.
Thoughts?
--j.
