Mike Cardwell wrote: >>> For listing both emails and uri's it would be useful if you could add >>> regular expressions. [...]
Steve Freegard responded: >> Yuck; if you want to do stuff using regexp then: >> >> uri RULE_NAME /<regexp>/ >> score RULE_NAME nn.nnn >> >> Is the best way to do this - not via DNS. Mike Cardwell defended: > Depends what you're trying to achieve. I thought the objective was a > block list of email addresses that could be queried via the DNS by any > application... Your suggestion doesn't really capture the requirements. > > In this particular example, the list should be used for preventing your > users sending emails *to* those addresses. Many organisations rightly or > wrongly don't perform spam filtering on their outgoing relays so > spamassassin is a bit over the top when you can just use another dns > based bl. If by "any application" you mean "any application that can handle full-blown perl regular expressions" ... your regex examples are nontrivial, so you're already pretty much catering to SA anyway. There's also the question of handling quotes and other forbidden characters in the TXT field, plus its length limit. Once that's all solved, the question of feasibility and efficiency still looms. Given the options of putting that kind of thing in (A) DNS or (B) sa-channels, I'd lean towards (B) on the way to (C) something else: I'm sure Justin Mason (for his sought channel) has thought long and hard about this. The mechanism for sa-update is brilliant, but doesn't lend itself to enormous indices of frequently-changing rulesets. Even if it were revised to enable a diff/patch system (hint hint), it would still fail to distribute the remaining load. Justin: Perhaps sa-update could support [version].torrent in addition to [version].tar.gz on each mirror? (This doesn't touch the current DNS-based version/announce system.) Channels hosted for versions of SA after the supporting release (e.g. 0.4.3.[channel] and "higher") would be allowed to host only the torrent file. Either the self-healing nature of BT would implement the diffing portion for free, or SA's BT client would merely choose which files in the torrent to download (assuming there are perl-based clients that support that... libtorrent does, but that's C-based), as it would contain full.cf, [n-1].diff, [n-2].diff, [n-3].diff, and [last release yesterday].diff (or the like). ... this is similar to my proposal for a distributed Blue Frog rehash, http://khopesh.com/wiki/Ending_spam -- Adam Katz khopesh on irc://irc.freenode.net/#spamassassin http://khopesh.com/Anti-spam
