On 12/28/2010 9:05 PM, Warren Togami Jr. wrote:
Whoa. Ted please calm down. I think you read too much into this and
are seriously overreacting. I didn't propose immediately replacing
NJABL with <something else> like mailspike. I was only pointing out
that NJABL was performing very poorly, to such an extent that you're
better off removing it because it is needlessly using your resources.
In effect my proposal makes nearly zero difference to SpamAssassin's
current performance because these rules are nearly useless.
The process of adding new DNSBL's to the official spamassassin rules is
very lengthy. Among the things we need to improve/verify for
eligibility: As you have correctly noted, the website of Mailspike needs
improvements. Then we need to ask about the robustness of the mirror
network. Then ask for clarification about future plans for taking it
private and demanding money from users. I also know about other
measures to further improve Mailspike's performance.
All very good points. I guess I'm a bit frustrated because njabl is
clearly not performing anymore, I noticed that a few years back, and
yet it's still in SA but better BL's are not. As you (and I) both
illustrated, certain things need to be in place before a BL is added
to SA. It's frustrating that mailspike hasn't done the last little bit
needed to "polish it up" (although it is
good that they are care enough about it to pay attention) and it's
also frustrating that the njabl owner has (apparently) gotten complacent
with it's non-performance.
In my personal opinion njabl is suffering because they do not have
enough honeypot addresses and I seem to recall years ago sending an
e-mail to the admin there offering to setup forwards from abandoned
e-mail addresses I had that got a lot of spam, with zero interest on
their part. OK whatever. It's his BL and if he's happy with it, so
be it - I don't think many of the rest of us are.
Masschecks have confirmed for over a year now that Mailspike's
performance is awesome. Even after the above things are done, it still
might be months or even a year before SpamAssassin uses it as a default
rule, because current policies seem to allow for big changes like this
only at major releases like 3.4.0.
It seems we need a general discussion about rule update policies and
procedures, soon to happen on dev@ list.
Well, njabl's inclusion has survived several major releases I believe,
so I don't really buy the argument that the SA is only evaluating BLs
for major releases. I think what is actually going on is that they
stuck in some BL's as examples and then kind of forgot about it,
assuming that the first thing people are gonna do after installation is
to scrape out the supplied BL's and put in their own preferred ones.
However because the BL's are so important to the usefulness of SA I
would like to see SA change the blacklist configuration to something
a bit different. What I would like to see is a BL rules subdirectory
that contains rules for every known blacklist that is functioning,
no matter how poor they are, and then the main SA rules contain a
check into that subdirectory, looking for a config file in that
subdir. That config file is nothing more than a series of lines, one
for each BL. Each line is a name. If a BL name is present in the
config file (or uncommented) then the BL rule for that name is sucked
into SA, if the BL name isn't there, (or commented out) the rule or
rules for that BL are ignored.
This would easily integrate with front ends like webmin. SA could still
hold conservative defaults by uncommenting favored BL's by default,
so that the admins who don't care about this aren't hung out to
dry with no BL support at all. And updates to BL's would be easy as
if a BL went offline for example then SA could zero-out the rule files
for that BL and push an update out, or a new BL that was added then a
new rule would be pushed out via updates, yet not disturb an existing setup.
Ted
Warren
On Tue, Dec 28, 2010 at 6:23 PM, Sahil Tandon <sa...@freebsd.org
<mailto:sa...@freebsd.org>> wrote:
On Tue, 2010-12-28 at 22:44:09 +0000, João Gouveia wrote:
> Again, a bit harsh, but I see your point. We shall improve the web
> site whenever possible. As everything free (and we would like to
keep
> it that way), it's kind of subject to time+effort constraints, and
> typically we prefer to make use of that improving the efficiency of
> the list, and not so much working on the web site..
João, please do not be discouraged by the ranting. We use mailspike at
multiple sites and it is a valuable, low-FP addition to the DNSBL
arsenal. Thanks for your efforts.
--
Sahil Tandon <sa...@freebsd.org>
