Henrik K wrote:
> On Wed, Jan 20, 2010 at 04:16:29PM +1000, Res wrote:
>> On Wed, 20 Jan 2010, Henrik K wrote:
>>
>>>>>> (?:[01257]|(?!127.0.0.)127|22[3-9]|2[3-9]\d|[12]\d{3,}
[3-9]\d\d+)\.\d+\.\d+\.\d+
>>>>>
>>>>> Thats crazy! It's wrong since 1/8 is now allocated, it also does
>>>>> not detect most other bogon ranges, What is the point of this...
>>>>> Another rule I now need to disable.
>>>>
>>>> Please open a bug...
>>>
>>> https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6295
>>
>> Thanks for logging that.
>>
>> I do think we need a better way to catch them, including the other
>> 20 or so plus bogon ranges it currently ignores. I can see where DNS
>> checks would be better suited (bogons.cymru.com), or, at the very
>> least, a ruleset, which can be updated in the "daily updates run"
>> when new ranges are allocated.
>
> DNS checks would be overkill for a list that doesn't change that
> often.
Overkill yes, but "affordable", especially with results being cached.
Personally I would favor DNS for data that _does_ change, even if only
very rarely.
/Per Jessen, Zürich
