https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6048
--- Comment #20 from Steve Freegard <[email protected]> 2009-01-22 07:51:22 PST --- (In reply to comment #19) > (In reply to comment #17) > > (In reply to comment #14) > > > > > So it isn't clear that a really high score will get administrator > > > attention > > > sufficiently quickly. > > > > If all mail being tagged doesn't get their attention quickly, I'm not sure > > what > > will. I can't think of anything SA can do that would get attention faster. > > I don't know if that is appropriate at all. Bear in mind that in some > situations, a sufficiently high score would result in the mail being bounced! > If going over a URIBL query limit results in all mail coming in to your site > bouncing, that's a very serious problem. :( Yes - this is exactly the reason I raised this bug. The behaviour is unique to URIBL and I have AlexB's assurances that deliberate positive results for all queries is rarer that I think it is (as I've been hit by this collateral damage several times now). > I would be in favour of a well-known test endpoint: "blocked.multi.uribl.com". > for most queries that would return "0.0.0.0" with a long TTL. for sites > blocked due to too many queries, that would return "255.255.255.255" with a > long TTL. These are very cacheable and would be extremely low-load. This > provides a way for clients like SA to query and determine if a caller is > overloading the servers; in that situation we can issue warnings, fire > informational rules, log stuff to the syslogs etc. There is already a BCP proposal for this: http://www.ietf.org/internet-drafts/draft-irtf-asrg-bcp-blacklists-05.txt Note: In Section 3.4 it is noted that some DNSBLs have shut down in such a way to list all of the Internet. Further, in Section 3.5, DNSBL operators MUST NOT list 127.0.0.1. Therefore, a positive listing for 127.0.0.1 SHOULD be interpretable as an indicator that the DNSBL has started listing the world and is non-functional. Although this paragraph is about shutting down a DNSBL; it is in essence exactly what URIBL are trying to achieve on a querying IP level - so I believe the same applies. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
