Re: Should Spamhaus default to disabled?

[Bret Miller]

(Sorry about the top post...) One of the big issues with RBL services like this is the rules that use them change over time. We quite nicely fit into free use, but I realize that there are many others who do not. It might be a good enhancement to SA to be able to make a way to disable all queries to any service so that it could easily be disabled by those admin without having to constantly check to make sure sa-update hasn't included a new rule that hits the service. Something like use_dnsbl spamhaus 0 (defaults to 1) That way, if I decide I don't trust a certain services that SA defaults to use, I can disable the whole service and know that new rules will still be disabled because the service is. It would seriously simply the configuration for these cases. Bret On 6/11/2010 7:42 AM, Andy Dills wrote: After recently upgrading to a new mail cluster with SA 3.3.1, we were contacted (at every imaginable POC address) with a solicitation to purchase access to utilize the Spamhaus blacklists, or they'll stop answering our queries. We felt the amount of money being asked for was unreasonable, as we felt we likely wouldn't see an increase in spam if we turned them off. So, local.cf got: score URIBL_DBL_SPAM 0 score URIBL_DBL_ERROR 0 score RCVD_IN_ZEN 0 I think those are the only queries that generate lookups against Spamhaus, but I'm not positive. Regardless, we noticed no increase in spam after disabling these tests. I imagine there's lots of overlap on the blacklists. I think the maintainers of SA should strongly consider defaulting Spamhaus to "off". At the very least, it should be better documented how to entire disable Spamhaus queries. They have the right to charge for their data, but I question whether it's appropriate for an open-source project to generate sales leads in this manner. Andy --- Andy Dills Xecunet, Inc. www.xecu.net 301-682-9972 ---