Requesting feedback from the group.
The standard SA ruleset includes an extensive list of domains in
uridnsbl_skip_domain. The idea is to skip RBL lookups for domains that are
unlikely to be on a blocklist. However it also prevents lookups on "welcome"
lists such as dkimwl.org.
I'm thinking of implementing a new tflag `noskip` that bypasses the skip list
for askdns rules. Or we could repurpose the `nice` flag so that nice rules
automatically skip the skip list.
Alternative 1:
Remove legit domains from uridnsbl_skip_domain, and just use it for domains
like example.com that would never be on any list. This would obviously increase
DNS queries.
Alternative 2:
Make two separate lists such as `uridnsbl_skip_good_domain` &
`uridnsbl_skip_bad_domain` so we can skip looking up good domains on bad lists
and bad domains on good lists. Domains such as example.com could be on both
lists.
Any thoughts?
Thanks
Kent
