On Jan 24, 2012 at 20:50 +0100, Emanuele Balla (aka Skull) wrote:
=>On 1/24/12 7:23 PM, darxus(_at_)chaosreigns(_dot_)com wrote:
=>> As I tried to say in the past, having a value to return for all
=>> queries from a DNS server that has been deemed abusive is *useful* to
=>> black/whitelist providers. Enough that it's looking like it'll be done
=>> whether the ASRG likes it or not. If you'd prefer something other than
=>> 127.0.0.1 to be used, document it somewhere.
=>
=>I fully agree with you, FWIW...
=>
=>
=>> Also, as the linked article said, "...the 127.0.0.1 response indicates
=>> that uribl.com does not accept any queries from the DNS server".
=>> SpamAssassin had this handled as URIBL defined, no false positives
=>> resulted.
=>
=>Yes, and somehow that's the point: SW (like spamassassin) that deal with
=>return values correctly, will not encounter FPs but this means it also
=>gives the BL operator no advantage.
=>
=>While any other return value outside 127/8, while more opportune,
=>probably will affect bad implementations like 127.0.0.1 or any other code.
ASRG List,
See the SpamAssassin bugs ids related to this issue from just a few
weeks ago.
Bug 6724 - DNSxL returning purposefully wrong answers as part of
Anti-Abuse / Free for Some Policies
<https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6724>
Bug 6728 - DNSBLs need a way to turn off queries based on BLOCKED rules
triggering <https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6728>
--
***********************************************************************
Derek Diget Office of Information Technology
Western Michigan University - Kalamazoo Michigan USA - www.wmich.edu/
***********************************************************************
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg