On 13 Jul 2016, at 2:54, [email protected] wrote:
Hopefully this won't be interpreted as thread hijacking, but can
you elaborate of this?
-------
reject_rbl_client zen.spamhaus.org=127.0.0.2,
reject_rbl_client zen.spamhaus.org=127.0.0.3,
reject_rbl_client zen.spamhaus.org=127.0.0.4,
reject_rbl_client zen.spamhaus.org=127.0.0.10,
reject_rbl_client zen.spamhaus.org=127.0.0.11,
Those are, in order: SBL(chronic spam sources), CSS(snowshoers),
CBL(spambots), PBL(ISP-designated dynamic), and
PBL(Spamhaus-determined
dynamic)
---------
So I gather some element of "zen" are not to your liking?
No. Those are all of the documented return codes currently in use.
To be clear: I cannot imagine a circumstance where I would say: "I don't
think Steve Linford's judgment can be trusted with this." I know he's
not the sole operator of Spamhaus these days, but he's one of the few
people I've dealt with professionally who I trust so fully that I extend
that trust to the team and processes he has built for Spamhaus.
That is, if you didn't specify the return codes, zen would do all of
the above and more.
I don't believe that to be true. See these pages:
https://www.spamhaus.org/zen/
https://www.spamhaus.org/faq/section/Spamhaus%20XBL#136
I expect that if and when Spamhaus brings a new class of listing into
Zen and assigns it a new code, I will hear about it quite near the
launch and add it to the systems I manage immediately.
HOWEVER: in the history of DNSBLs there have been a number of cases
where technical or psychological glitches have caused a DNSBL to
effectively list the whole IPv4 space, sometimes with wild return codes.
Until Spamhaus clearly *intentionally* uses other return codes, I will
not treat them as meaningful. I trust Steve, his team, and their
processes, but I do not trust the universe to not toss up a bit of chaos
in random places like DNSBLs from time to time.
The Spamhaus write up on snow shoe spam is certainly interesting.
Yes. They were really the first anti-spam organization to notice the
snowshoe mechanism as a defining characteristic of a distinct class of
spammer in between the purely criminal botnet spammers and the nominally
legitimate sorts who can be handled by the SBL-style (or MAPS RBL-style,
if you're old enough...) human-vetted DNSBL.
