Re: All RCVD_IN_VALIDITY rules being applied to every email.

Tue, 19 Nov 2024 02:28:03 -0800 

On 18 Nov 2024, Bill Cole spake thusly:

If you forward DNS queries instead of running your own *fully
recursive* DNS resolver locally, you *look* like you are part of a
high-volume leech. This almost certainly does not mean you should run
dnsmasq locally, it means you need a REAL resolver. Unbound does a
good job without the rococo config options of BIND. Many people also
like the resolver half of the PowerDNS suite.


On 18.11.24 18:18, Nix wrote:

I'm running BIND (actually, two BINDs, one authoritative one, one
recursive resolver). Sorry, I've been doing that for so long I forgot
any alternative was possible! :)


Are you sure your provider does not intercept DNS queries?


The point of the big ugly error message is to have a big ugly error
message. MOST people who report problems with SA accuracy here have
misconfigured their resolvers, apparently because they don't trust
documentation or don't read it.


Not me! This is something else. Maybe lkml is just too high volume...
God knows it's too high volume to actually *read* (I'm grabbing it for
grepping purposes and I really don't mind if SA doesn't RBL-scan mails
directed there -- it's all my other mail I want RBL-scanning.)



looking at it RCVD_IN_VALIDITY_RPBL prodces 10s score, so little caching 
possible.




Yes, pretty much every non-paying customer is blocked...



On Mon, Nov 18, 2024 at 05:21:12PM +0000, Nix wrote:

From 
https://knowledge.validity.com/s/articles/Accessing-Validity-reputation-data-through-DNS
 :



 Starting March 1, 2024, Validity will allow up to 10,000 requests to anonymous 
users over a 30-day period.


On 19.11.24 04:46, Matija Nalis wrote:

10k requests per 30-day period is about 333 queries/day. Or less than 14 
queries per hour.
Not very much at all (and certainly at least order of magnitude less than your 
stated traffic).
No amount of local DNS caching is going to fix limits *that low*.


yeah, this looks like blocking every non-paying user.


--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux - It's now safe to turn on your computer.
Linux - Teraz mozete pocitac bez obav zapnut.






















					Reply via email to