>
> ...and I bet there are still commercial anti-spam products using
> dsbl.org because they haven't figured it out either :-)
Wasn't there a standard at one time, return something different (test) if
you queries 2.0.0.127.{dnsblacklist}? If it returned (at least) '127.0.0.2'
and a list of other valid bitflags. that meant that the dnsbl was up and
running? Anything else and it wasn't?
host 2.0.0.127.zen.spamhaus.org.
2.0.0.127.zen.spamhaus.org has address 127.0.0.2
2.0.0.127.zen.spamhaus.org has address 127.0.0.4
2.0.0.127.zen.spamhaus.org has address 127.0.0.10
I am glad SA has sa-update, because in the tradition of the other dead
blacklists, they will either stop producing the zone, take server offline,
or return 127.0.0.2 for everything like a couple of zones do(did).
In this case, testing would be easy enough (if you decided to do that),
since it timesout.
--
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer
>
> Also, dsbl.org was returning "OK" DNS records for every request, so
> having some process that "checks" that each RBL SA uses was still
> working wouldn't have detected a fault - unless it starts flagging
> errors because dsbl.org wasn't catching anything. The decision how to
> make an RBL server act *on failure* is pretty much up to the owner.
>
> No standards == no way to automatically/consistently check. The wetware
> method still works fine on occasion ;-)
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.spammertrap.com
_________________________________________________________________________
