On 2/25/26 1:28 AM, Kent Oyer wrote:
Requesting feedback from the group.The standard SA ruleset includes an extensive list of domains in uridnsbl_skip_domain. The idea is to skip RBL lookups for domains that are unlikely to be on a blocklist. However it also prevents lookups on "welcome" lists such as dkimwl.org. I'm thinking of implementing a new tflag `noskip` that bypasses the skip list for askdns rules. Or we could repurpose the `nice` flag so that nice rules automatically skip the skip list. Alternative 1: Remove legit domains from uridnsbl_skip_domain, and just use it for domains like example.com that would never be on any list. This would obviously increase DNS queries. Alternative 2: Make two separate lists such as `uridnsbl_skip_good_domain` & `uridnsbl_skip_bad_domain` so we can skip looking up good domains on bad lists and bad domains on good lists. Domains such as example.com could be on both lists. Any thoughts?
I think we should use a noskip `tflag`, creating two lists would be complex to maintain since we need backwards compatibility for older SA versions. Giovanni
OpenPGP_signature.asc
Description: OpenPGP digital signature
