Well I think the FAQ note is a good idea, since a hyperactive DNS server wasn't the first thing I thought of when I saw this problem. However, turning off the OpenDNS hyperactivity does require a fixed IP address to originate the queries - I found it easier to use OpenDNS for my desktops, and switch to something else for the SpamAssassin server. cheers, Don Craig Jeff Chan wrote: On Wednesday, September 27, 2006, 11:17:59 PM, Donald Craig wrote:And Theo Van Dinter pointed out: You're not by chance using the opendns.{com,org} folks for DNS, are you?Of course. I'm an idiot. I switched to OpenDNS a couple of weeks back. Time to return from whence I came. Thank you, Don Craig -------------------------------------------------------------------- I'm getting matches whenever I have an embedded URL on URIBL_AB_SURBL and URIBL_PH_SURBL - unless the URL is actually in URIBL_SBL, in which case the logic for all the flavors of URIBL_XX_SURBL seems to work correctly. I have verified the absence of the incorrectly matching URLs from SURBL with lookups in http://www.rulesemporium.com/cgi-bin/uribl.cThis is SpamAssassin 3.1.5, all was fine in 3.1.2.For now I have set both those tests to 0.00.Don Craig Thanks for the reminder guys. I've added the following note about OpenDNS compatibility to the SURBL FAQ: __ http://www.surbl.org/faq.html#opendns "I'm using OpenDNS and getting wrong answers to SURBL DNS queries OpenDNS is a service that changes the responses to some DNS queries in order to prevent users from visiting spam, phishing, etc., sites. It also has a "typo correction" feature that directs mistyped domain names to custom sites controlled by OpenDNS instead of sites controlled by typosquatters, phishers, etc. When using SURBLs with an OpenDNS nameserver it's important to disable the typo correction feature, or the responses to non-matching SURBL queries will be incorrect to a SURBL application. The reason is that the OpenDNS nameservers return an IP address of their own web site in those cases, and that modified IP address will have an incorrect effect on SURBL list identification that depends on where the bit patterns happen to be in the modified response. SURBLs will work with OpenDNS if their typo correction feature is disabled on servers or clients doing SURBL queries." __ Does that look about right? Jeff C. |
- Re: Non-blocklisted embedded URLs are getting hits on URIBL... Jeff Chan
- Re: Non-blocklisted embedded URLs are getting hits on ... Donald Craig
- Re: Non-blocklisted embedded URLs are getting hits on ... Chris
- Re: Non-blocklisted embedded URLs are getting hits... David Ulevitch
- Re: Non-blocklisted embedded URLs are getting ... Justin Mason
- Re: Non-blocklisted embedded URLs are gett... David Ulevitch
- Re: Non-blocklisted embedded URLs are... Justin Mason
- Re: Non-blocklisted embedded URLs... Jeff Chan
- Re: Non-blocklisted embedded ... Justin Mason