[SURBL-Discuss] Fwd: Re: Bill Stearns' sa-blacklist available as SURBL: ws.surbl.org

Jeff Chan jeffc at surbl.org
Tue Apr 20 19:19:26 CEST 2004


[FWIW Looks like mailman is *not* stamping a list reply-to as I set
in the configs....]

On Tuesday, April 20, 2004, 5:51:18 PM, William Stearns wrote:
>> 4) Over half the size of those zones is in the TXT records. Just
>>    changing 'Message body contains domain in sa-blacklist. See:
>>    http://www.stearns.org/sa-blacklist/' to 'Blocked, See:
>>    http://www.stearns.org/sa-blacklist/' reduced the 'ws' zone size by 33%

>         Works for me!  Jeff, feel free to make that change anytime.

Done.  Hope the change doesn't break anyone...  Hopefully they're
using the A record first, and the TXT for a comment, if at all.  :-)

(The default/sample SA 2.63 SpamCopURI and 3.0 urirhsbl rules
seem to write their own text descriptions based on the A record,
so I think we're ok.  Other folks could be using the TXT record
however.  I'll announce the change and hope we catch them.

I may shorten the sc.surbl.org TXT message also....)

>> 5) It's possible to combine the zones but keep the data logically seperate
>>    so people can differentiate and adjust scores/policys accordingly.
>>    Check out how MAPS does RBL+, the A record returns an "IP address"
>>    that is effectivly a bit-mask flag to indicate which MAPS zone
>>    the original hit was from (DUL, RSS, RBL, OPS, etc).
>>    Look at how the 'check_rbl' and 'check_rbl_sub' routines are
>>    used inside SA to pull apart a single DNS query against RBL+
>>    (at least in SA 2.6*, havn't looked at 3.0 yet ;)

>         No experience with this, so no opinion.
>         Thanks for the ideas, Dave.  Jeff, enough people have asked for
> the combined list that I'm game to set up an "all.surbl.org" combined list
> if you are.  It really sounds like the technical concerns are all 
> handleable.  We can still keep the sc and ws subdomains for those that 
> think my taste in domains is questionable... :-)

We could combine into larger lists with:

1.  Different TTLs per record (essentially as now, through the
default zone file $TTL)
2.  Different A records, i.e. 127.0.0.2 for sc, `127.0.0.3 for ws, etc.
3.  Different TXT messsages (as now)

Sounds like keeping all the A records at 127.0.0.2, making the
different TTLs and keeping the current TXTs indicating the
data sources, while combining all the records into larger lists
could work.  (I.e. #1, #3 but not #2.)

Comments?

Jeff C.



More information about the Discuss mailing list