Karsten Bräckelmann wrote:
I guess one would need a new plugin for the above "yellow" RBLs, due to
the problem of limiting all hits per URI / IP as mentioned above. Also,
of course, one first needs a reliably and publicly available
do-not-blacklist RBL.
I have such an RBL. hostkarma.junkemailfilter.com which returns the
following codes.
127.0.0.1 - white - the message is ham
127.0.0.2 - black - the message is spam
127.0.0.3 - yellow - the IP contains no useful information
127.0.0.4 - brown - the IP is leaning spam - worth a point or so
127.0.0.5 - nobl - the IP should not be blacklisted - but may be white.
hostkarma.junkemailfilter.com also tests host names as well as IP addresses.
The logic is as follows. If yellow - move on. If white - accept and
deliver. If nobll then move on skipping all other RBL lookups. Then I
look up several black lists and I assign point values to eack list based
on my trust levels. If the lists are sufficiently black then the message
is rejected. SA sould incorporate this kind of logic. I use it in Exim
and it is extremely accurate.
http://wiki.junkemailfilter.com/index.php/Spam_DNS_Lists
