https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6724
--- Comment #31 from Kevin A. McGrail <[email protected]> 2011-12-19 16:00:29 UTC --- (In reply to comment #30) > (In reply to comment #2) > > > http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block > > > > Matthias, are you able to block/return no answers or return a last octet of > > 255 > > as a blocked answer. And NOT return purposefully wrong answers? > > As we speak, various updates are propagating to the mirrors. Significant > abuser > of the public nameserver infrastructure will now be redirected to a different > view of the parent zone. This view is different from the main zone in the > following ways: > > * The SOA rname YOU.ARE.BLOCKED.FROM.dnswl.org. > * The zone has a TXT RR "You are blocked from using list.dnswl.org through > public nameservers" > * The "list" sub-zone does not have the a.ns, b.ns etc RRs, but only one: > "you.are.blocked.from.using.dnswl.org.thorugh.public.nameservers.invalid." > * Has a TXT RR for quick-and-dirty manual testing: "amiblocked.dnswl.org" > which > contains "Yes". > > This should avoid any unnecessary queries and limit collateral damage. Neat! > There are now no more entries that would return "high trust" result in cases > where we want admins/operators to fix something on their end. > > > header RCVD_IN_DNSWL_BLOCKED > > eval:check_rbl_sub('dnswl-firsttrusted', > > '^127\.0\.\d+\.255$') > > We can basically return any A record, but will wait for the outcome of the > discussion in bug 6728 (esp comment #11 suggesting the use of 0.0.0.0). As the commit is already done checking for 127.0.X.255, this is a simple IP address change handled by sa-update AND we are already using another 127 bit for URIBL, I see no reason to hold things up based on Comment 11 at this time. If you can implement this with 127.0.0.255, then the blocked rule is already live and I can then turn back on the scoring for DNSWL. Regards, KAM -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
