I concur 100%. Daniel is wrong. The problem isn't
dnswl.org the problem is the person who made the decision in
SpamAssassin to have the default for the dnswl plugin ENABLED
by default. That decision has been recognized to have been a
mistake which is why SA is making an update that will
turn it off by default.
This is not a "blame the user for stupid configuration mistakes"
problem this is a "blame the software developer for a stupid
configuration mistake" And the software developer has
acknowledged it was a mistake. So why people are calling
SA users "abusive" is beyond me.
Anyone who produces software understands that the users of
the software are not as knowledgeable about whatever it is
the software does - in a word, they are ignorant. That is
why there are software developers and software users.
If the users knew as much as the developer did they could write their
own software and they wouldn't need the developers. Thus, the developer
has an obligation to be somewhat responsible in not putting
in defaults that shoot people in the foot. If those users
want to enable things that shoot themselves in the foot that
is their affair.
The SA developers understand this, I don't see why it's so difficult
a concept for others to grasp.
Ted
On 12/12/2011 10:48 AM, Jeremy McSpadden wrote:
I agree with what you are saying, but to enable a plugin out of the box;
with no warning or instructions stating you need to "run a local caching
dns server in order to use this plugin successfully if your machine is
using a dns server that may or may not be used and making millions of
queries therefore banned" which returns a score that is giving a
negative score ... has no justification.
(sorry for the run on sentence)
--
Jeremy McSpadden
Flux Labs, Inc
http://www.fluxlabs.net <http://www.fluxlabs.net/>
Endless Solutions
*Office*: 850-588-4626
*Cell*: 850-890-2543
*Fax* : 850-254-2955
On Dec 12, 2011, at 12:35 PM, Daniel McDonald wrote:
Can I ask you a fairly blunt question?
What action could they have taken that would have caused you to notice
that
you were engaging in abusive miss-use of their service by continuing to
forward your requests through google?
I'm quite serious. DNSBLs have this problem of never being able to get rid
of the queries from sources that appear to be abusive. What can be done so
that a part-time admin will take notice and fix their equipment? A log
message? Special header in every e-mail? Change the subject line to "you
have Spamassassin integrated wrong!"? Or a visit from Guido and some
of the
boys, trying to make an offer you can't refuse?
In this case, they moved you to action by causing your customers some
grief.
That made you look into the issue, get guidance that you really need
to run
a local recursive caching DNS server in order to get clear answers from
DNSBLs, and then I imagine you fixed the problem. How else could they have
let you know?
--
Daniel J McDonald, CCIE # 2495, CISSP # 78281
