Hi!
No one has actually implemented the rules for my blacklists correctly. My
lists support both IP and hostname lookups. The hostname assumes that you
have forward confirmed the RDNS so that you eliminate those who might spoof.
Most people copy/paste from your wiki, so if this is true ... i am not
sure where the real problem lies ;)
Yellow means that the IP or hostname contains no useful information as to
spam or no spam. On my system once I determine a host is yellow I skip all
blacklists and whitelists tests. Yellow is for Yahoo, Hotmail, Gmail, etc
where the IP has no information and all host tests are meaningless.
My NoBL list is similar to yellow except that you can skip black list lookup
but maybe might be whitelisted somewhere.
Please dont combine black and whitelists together in one BL. This will
trouble you. Many tools cannot look at the retern values. I think its a
bad idea. You can say hey not my problem but it will give a BL a bad karma
;)
If you just want to score points then Black, White, and Brown can be assigned
points. Yellow should be zero points regardless of how it tests.
Why would it be added to SA if the score is zero?
I think the real power of my lists is in the host name lookups. It would be
worthwhile to implement that.
I think my white listing is very accurate at this point. The thing about
white servers is that they aren't evasive like spammers. There should be some
short circuiting options to reduce system load on SA for white lookups.
Ouch, from your point of view it might be fine, but we see strange stuff
with DNSWL allready i certainly would not use this to shortcircuit things.
A question from the operational side, how many people are working on the
BL? Just you i assume? Not telling this is bad, but its a risk when adding
this into SA i feel personally. Same for the infra the BL is running on.
I might sounds harsh, but i am rather carefull, then again, we have SA
update. So it might not hurt that much. But during outages or DDoS it will
hurt for hours till its gone again.
Bye,
Raymond.
