On 07/10/2009 05:19, Rob McEwen wrote:
Also, this loses the ability to *score* on multiple lists... unless you
use a bitmasked scoring system whereby one list gets assigned ".2",
another ".4", another ".8", on to ".128". But that leaves a maximum of
only 7 lists. Sure, you can add more than 7 by employing other octets in
the "answer IP", but that only severely complicates matters.
And as it stands, you'd also have the complexity of getting the spam
filter to parse, understand, and react properly to those bitmasks.
I don't understand the logic of that. Ie, why you'd need to use
bitmasking? zen.spamhaus.org is a combination of various different lists
and returns multiple values like this:
m...@haven:~$ host -t a 2.0.0.127.zen.spamhaus.org
2.0.0.127.zen.spamhaus.org A 127.0.0.4
2.0.0.127.zen.spamhaus.org A 127.0.0.10
2.0.0.127.zen.spamhaus.org A 127.0.0.2
m...@haven:~$
It's perfectly easy for SpamAssassin to see that three different values
have been returned, so 127.0.0.2 is on three separate lists and that an
extra score should be applied for each of those three.
It's also quite easy to do it in Exim, eg if I wanted to block an email
in Exim if the sending ip is on both sbl.spamhaus.org and
xbl.spamhaus.org I could either do two dns lookups like this:
deny dnslists = sbl.spamhaus.org
dnslists = xbl.spamhaus.org
Or I could do it with a single dns lookup like this:
deny dnslists = zen.spamhaus.org=127.0.0.2
dnslists = zen.spamhaus.org=127.0.0.4
You can be 100% backwards compatible by leaving all of your lists as
they are, but then adding another one which is a combined version of all
of them...
--
Mike Cardwell - IT Consultant and LAMP developer
Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
