verifying DNSBLs

[Peter Matulis]

How can I verify whether my system is really using DNSBLs?  From what I have 
read all I need to
do is install Net::DNS.  I have read as well that if the filtering gateway is 
running a local
nameserver that it should not be pointing to itself otherwise the DNSBLs 
mechanism will fail.
And is there any difference in performance between implementing them via SA or 
the MTA?  Thank you.

__ 
Post your free ad now! http://personals.yahoo.ca

Re: verifying DNSBLs

[Morris Jones]

Peter Matulis wrote:
How can I verify whether my system is really using DNSBLs?
If it's using them, many of your spams will show up with BL tests 
hitting in the header.

You can also take a nice juicy spam and feed it to spamassassin with the 
-D flag and watch the trace messages.

Best regards,
Mojo
--
Morris Jones
Monrovia, CA
http://www.whiteoaks.com
Old Town Astronomers: http://www.otastro.org

RE: verifying DNSBLs

[Kang, Joseph S.]

 -Original Message-
 From: Peter Matulis [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, December 07, 2004 6:55 PM
 Subject: verifying DNSBLs
 
 And is there any difference in performance between
 implementing them via SA or the MTA?  Thank you.

As far as I know, most uses of DNSBLs at the MTA level are for rejecting
message prior to taking any other action on them (i.e., accepting the
message and then scanning with SA, etc.).  

So, if you use BLs at the MTA level, you're going to cut down on the number
of messages accepted by the server for further action.  If you implement via
SA, you've already accepted the message for delivery and are just using the
BL information to adjust message scoring.

It's really a matter of taste, are you more willing to reject messages at
the MTA layer (prior to accepting) knowing that there are bound to be FPs on
the DNSBLs?  Or, are you more willing to accept all messages and let the end
user do what they wish with the messages?

Hope this helps.

-Joe K.