On Fri, 2010-06-11 at 10:42 -0400, Andy Dills wrote:
> score URIBL_DBL_SPAM 0
> score URIBL_DBL_ERROR 0
> score RCVD_IN_ZEN 0
>
> I think those are the only queries that generate lookups against Spamhaus,
> but I'm not positive.
IIRC that doesn't disable all DNS lookups against ZEN. You'd also need
to disable the non-scoring eval() that does the actual lookup.
meta __RCVD_IN_ZEN (0)
You also missed XBL, PBL, and URIBL_SBL.
> I think the maintainers of SA should strongly consider defaulting Spamhaus
> to "off". At the very least, it should be better documented how to entire
> disable Spamhaus queries.
Strong -1.
This topic has been discussed a few times before, so you are free to
check bugzilla and the list archives for full discussions.
The most important argument for me to keep it enabled by default is
simple. Small organizations and home users DO NOT have the knowledge and
admin power to care about all that stuff themselves. For them, SA should
work as good a possible out of the box. On the other hand, large
organizations that generate a *substantial* amount of BL queries per day
DO have the required power to tweak SA according to their specific needs
and environment.
That said, better documentation on this issue would not hurt. However...
Asking google already yields quite a lot of results. Including hints and
discussions that your above local.cf changes are insufficient.
Grepping for spamhaus in the default rule-set also trivially shows, you
missed a check_rbl() eval rule that generates queries.
You didn't come here to complain and ask for better docs without doing
some research, did you?
guenther
--
char *t="\10pse\0r\0dtu...@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}
