On Thu, Jul 03, 2008 at 10:48:07AM +0200, Matus UHLAR - fantomas wrote:
> On 03.07.08 11:35, Henrik K wrote:
> > I'd like to encourage people to take more advantage of DNSWL.
>
> while DNSWL('s) may be good, I encountered many cases whan spam and bounces
> won't get catched by SA because the sender is in DNSQL.
Be more specific. What is "many cases" in percentage of your traffic? There
will always be FPs, but if the amount is insignificant it doesn't matter.
You can try some workaround rules for clear cases.
> > I'm currently converting DNSWL entries into trusted_networks and using
> > shortcircuited ALL_TRUSTED to reduce unnecessary processing. Also DNS
> > checks are reduced.
>
> Couldn't that lead to misfiring of some RBL checks?
Not when the rules check the border (external/trusted) that they are
supposed to.
