>>>>> "Daniel" == Daniel Quinlan <[EMAIL PROTECTED]> writes:
>> Does the bogon list at cymru.com not incorporate all the other
>> sources anyway? Can it not be used directly?
Daniel> No. We also filter out multicast addresses. Among other
Daniel> reasons, there's no good way to get the data (see below)
Daniel> and it's a web page, not a service.
The Team Cymru bogon list includes the multicast range. I'd be
surprised if they're any bogons you want to include that aren't listed
in their list.
Daniel> Close, but we could do a better job.
Opening up new netblocks is a big problem at the moment, because of
existing filters that believe they're still unallocated. It would be
good if SpamAssassin could do all that it can to avoid becoming part
of the problem.
>> It strikes me that the best place for dynamic data like this
>> would be in a DNSBL.
Daniel> Too unreliable and much performance impact on filtering
Daniel> for data that is not that dynamic.
Daniel> I'm pretty sure it's ideally placed into a configuration
Daniel> file (like trusted_networks). We can ship a default set
Daniel> and allow people to updated. Once we support daily
Daniel> updates, we can just push out new versions that way.
Fair enough, though one more DNSBL test isn't going to make a great
deal of difference, it seems to me.
If you want to stay with a configuration file, fine. But using Team
Cymru as the single source for (manually) generating that
configuration file is going to make management of that file a lot
easier than having to cross-check against multiple references. The
Cymru list seems to be the de fact standard list that people use...
-roy
