David Jones skrev den 2018-02-05 15:09:
ifplugin Mail::SpamAssassin::Plugin::DNSEval
header __RCVD_IN_BRBL eval:check_rbl('brbl',
'bb.barracudacentral.org')
tflags __RCVD_IN_BRBL net
header __RCVD_IN_BRBL_2 eval:check_rbl_sub('brbl',
'127.0.0.2')
meta RCVD_IN_BRBL __RCVD_IN_BRBL_2 &&
!RCVD_IN_BRBL_LASTEXT
describe RCVD_IN_BRBL Received is listed in Barracuda RBL
bb.barracudacentral.org
score RCVD_IN_BRBL 1.2
tflags RCVD_IN_BRBL net
header RCVD_IN_BRBL_LASTEXT
eval:check_rbl('brbl-lastexternal', 'bb.barracudacentral.org')
describe RCVD_IN_BRBL_LASTEXT Last external is listed in
Barracuda RBL bb.barracudacentral.org
score RCVD_IN_BRBL_LASTEXT 2.2
tflags RCVD_IN_BRBL_LASTEXT net
endif
On 05.02.18 16:26, Benny Pedersen wrote:
this rule makes 2 dns querys, waste of cpu performance, i would
suggest to drop the lastextnal,
this rule checks all untrusted IPs, while lastexternal uses only one (often
the most important - IP that sent mail to your systems).
also, because of caching, brbl-lastexternal result will be cached.
b.barracudacentral.org uses ttl of 300, which should be cached during the
mail processing.
if you want to spare DNS queries, leave only lastexternal.
so its only if ip is listed yes or
no, 50% dns querys saved, and still same hits on listed ips, why do
we need to help spammers ?
network checks including DNS lookups help much in spam processing, after
bayes they are second best mechanism to detect spam.
NOT using them is helping spammers.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Atheism is a non-prophet organization.