On Wed, 2010-10-13 at 12:28 +1300, Peter Lowish wrote: > I confirm that on revisiting, RCVD_IN_* rules are implemented - thanks for > your help
*sigh* > -----Original Message----- > From: Karsten Bräckelmann [mailto:guent...@rudersport.de] > Sent: Wednesday, 13 October 2010 11:41 a.m. > To: users@spamassassin.apache.org > Subject: Re: Constant .info domain spam > > On Wed, 2010-10-13 at 11:16 +1300, Peter Lowish wrote: > > How are RCVD_IN_* rules implemented Karsten? > > They are generally DNS BL checks, some of which do (and are safe for) > deep header parsing. Most of them are checked against the handing-over > relay's IP only, though. > > Stuff removed ^^^^^^^^^^^^^ I did *not* write that. What I did write, however, was an explicit request to not top-post. Moreover, I clearly asked for *which* RCVD_IN_* rules hit, and an estimate frequency number. Take a guess, if I have a reason for that. Not all of the DNS BLs have a query threshold. Yes, it is possible to get such hits, but still miss some of the most important ones. But hey, you ignored and snipped my questions and the information how to fix it (unless you are a seriously heavy load), so I only can assume it doesn't apply to you. *shrug* Well, if the above answers all your questions, glad to help. Otherwise, I guess we need the information I asked for. BTW, since you got my hint to strip the quote (although not limiting to unnecessary parts) -- there's no need to send a copy directly. I do read the list. I wouldn't have answered to your OP otherwise... -- char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4"; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1: (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
