Re: DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-08 Thread RW
On Sat, 8 Aug 2020 16:21:24 +0100 RW wrote: > On Fri, 7 Aug 2020 11:56:45 +0200 > Benoit Panizzon wrote: > > > > > Well, but now I need to tell SpamAssassin to only query IPv4 > > addresses on the first zone and only query IPv6 addresses on the > > ip6 one. > > > > I was not able to find a

Re: DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-08 Thread RW
On Fri, 7 Aug 2020 11:56:45 +0200 Benoit Panizzon wrote: > Well, but now I need to tell SpamAssassin to only query IPv4 addresses > on the first zone and only query IPv6 addresses on the ip6 one. > > I was not able to find a way to achieve this. Did I overlook > something? > It can almost be

Re: DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-07 Thread Benoit Panizzon
Hi Bill > Easy fix: do not use wildcards in IPv4 listings. I agree, for the purpose of a 'listed yes/no' blacklist this is the way to go. > Both rbldnsd and BIND have other mechanisms for compactly generating > records that cover an IPv4 /24 network without also generating records > for all

Re: DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-07 Thread Bill Cole
On 7 Aug 2020, at 5:56, Benoit Panizzon wrote: Hi Gang I am part of the SWINOG Anti-Spam Blacklists team which are used by a handfull of swiss ISP. Very early, we also started adding IPv6 addresses to the blacklist but soon noticed that there is a potential problem with IPv6 and wildcard

Re: DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-07 Thread Raymond Dijkxhoorn
Hi! I don't believe that use-case has been considered before. What does the rule you are using look like and I will double check? Not even sure why you want to add that with the asteriks there. Let's assume 2.0.0.0/24 is full of abusers and you decide to throw their whole /24

Re: DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-07 Thread Benny Pedersen
Benoit Panizzon skrev den 2020-08-07 11:56: Well, but now I need to tell SpamAssassin to only query IPv4 addresses on the first zone and only query IPv6 addresses on the ip6 one. single zone with recults code for ipv4 and ipv6 ranges, the text record need to be overlaping in ipv4 and ipv6,

Re: DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-07 Thread Kevin A. McGrail
I don't believe that use-case has been considered before. What does the rule you are using look like and I will double check? On Fri, Aug 7, 2020, 05:56 Benoit Panizzon wrote: > Hi Gang > > I am part of the SWINOG Anti-Spam Blacklists team which are used by a > handfull of swiss ISP. > > Very

DNS Blacklist wildcard query: distinguish IP v4/v6 to avoid false positives

2020-08-07 Thread Benoit Panizzon
Hi Gang I am part of the SWINOG Anti-Spam Blacklists team which are used by a handfull of swiss ISP. Very early, we also started adding IPv6 addresses to the blacklist but soon noticed that there is a potential problem with IPv6 and wildcard entries. Let's assume 2.0.0.0/24 is full of abusers