At 10:17 AM 12/8/2004 -0500, Chris Santerre wrote:

OK, we know that the popular domains like yahoo.com and such are hard coded into SA to be skipped on DNSRBL lookups. But it would be great to have a function to add more locally.

Um. They are?? AFAIK there are absolutely no whitelists to the DNSRBLs in SA itself.

Don't confuse the "EXISTING_DOMAINS" list in DNS.pm with a whitelist.

That's actually a list of domains that are used to test if your DNS is working if you don't have dns_available set to yes. SA does a quick MX query for one of the domains in the list, and if it gets an answer, it knows it's working...

However, I do agree it would be nice to be able to have a DNSBL whitelist capability, if for no other reason than fixing any listings that might cause short-term FPs.

Thinking one step bigger, it would be even better to feed this a file. This way maybe SURBL can create a file for the top hit legit domains. Then using SARE and RDJ, people could update that. This would reduce a lot of traffic and time.

Wait, now you're bringing SURBL into this.. are you talking normal DNSRBLS, or URIDNSBLS? Or both?

Was the whitelist you were referring to really the SURBL server-side whitelist?

This might also help with the mysterious bug we have seen where some local domains are being flagged as SURBL hit, when they aren't in SURBL. Perhaps whitelisting local domains so they are skipped would do away with this.

Agreed.. It would provide users a short-term fix, although really the problem does need to be rooted out at some point..

Thoughts, suggestions, or coffee?

All of the above?