Mark Martinec writes: > Rocco, > > > > > 2.4 RCVD_IN_WHOIS_BOGONS RBL: CompleteWhois: sender on > > > I wonder why score for RCVD_IN_WHOIS_BOGONS is 0 in 3.2.0-rc1 ? > > > > I don't understand.. maybe my remark is wrong, > > but I [do] get this score for the rules above > > I said '3.2.0-rc1', didn't I? > > Btw, I got 1800 messages hitting RCVD_IN_WHOIS_BOGONS in the > last 24 hours since I re-enabled the rule. (like 50.30.64.209, > 180.48.158.64, 94.130.200.203, ...); 6 of these were possibly > false positives (unconfirmed, half of them from the same mailing list).
Yeah, there's a bug in the bz reporting that some big company uses bogon space internally, instead of the 10.x or 192.168.x networks, and that this escapes via the Received headers causing FPs.... > Could it be that the combined-HIB.dnsiplists.completewhois.com > chokes under the load of a GA/perceptron run and stops responding? > I've seen it unresponsive yesterday for about half an hour. odd. I guess that's a possibility... :( --j.