On Tue, Oct 11, 2022 at 12:33:19PM -0400, Kevin A. McGrail wrote:
>
> On 10/11/2022 2:29 AM, Henrik K wrote:
> > Seems it's been disabling many active and useful DNSBL/WL lookups for a long
> > time?
>
> Correct. We found they had overlap or didn't add to the accuracy of
> categorization so disabling rules is a key part of reducing weight of rule
> scanning and improving efficiency. This is inherent in the KAM ruleset and
> has been there for several years.

I know, it makes sense for a few things, but I'm surprised you are disabling many popular DNSBLs. How much efficiency do you expect from dropping a few DNS queries? How often do you re-measure the accuracy from all the dropped rules? Why not just drop RCVD_IN_ZEN etc. from the official ruleset then?