On Thu, Dec 22, 2005 at 11:58:24AM -0800, Justin Mason wrote: > However, as an Apache project, we're hosting our lists at apache.org, and > they get *insane* quantities of spam, viruses, and blowback -- far too > many for the hardware to cope with, without upfront DNSBL use, apparently. > > It's not our call alone -- it's up to the ASF infrastructure volunteers. > We can *ask* them nicely, but considering we get it for free, it's > their call.
Sounds to me what's needed is a sort of 'SA-uberfast' that can be used as an MTA filter. For starters, this would allow for polling multiple RBLs instead of filtering on the results of just one. (Yes, I know you can poll multiple ones now, but the point is if you show up in any of them you get dropped. This we each RBL could be assigned a weight, and you only drop email based on total score). Hmm.. there's other tests that could be done quickly as well; checking for matching reverse DNS, for example. And having a score of some kind available, you could also decide how to handle the email based on the score. If the score is low, let the email right in. If it's medium, greylist it. If it's high, drop it completely. The one issue I can think of is this would have to perform better than a full-blown SA check does. If much of SA's time is spent doing things like BAYES checks then hopefully that wouldn't be an issue. -- Jim C. Nasby, Database Architect [EMAIL PROTECTED] Give your computer some brain candy! www.distributed.net Team #1828 Windows: "Where do you want to go today?" Linux: "Where do you want to go tomorrow?" FreeBSD: "Are you guys coming, or what?"
