On Wed, 2011-12-14 at 11:58 +0100, Matus UHLAR - fantomas wrote: > On 12.12.11 12:58, dar...@chaosreigns.com wrote: > >Tomorrow's sa-update will include disabling of the DNSWL rules. If you > >wish to locally enable them with the same scores which had previously been > >default, use this: > > > >score RCVD_IN_DNSWL_NONE -0.0001 > >score RCVD_IN_DNSWL_LOW -0.7 > >score RCVD_IN_DNSWL_MED -2.3 > >score RCVD_IN_DNSWL_HI -5 > > > >It was disabled because it is returning a value triggering RCVD_IN_DNSWL_HI > >for all queries from DNS servers deemed abusive, causing false negatives in > >SpamAssassin. It was the only network test, enabled in SpamAssassin > >by default, intentionally returning known incorrect values under any > >circumstances. > > well, same thing hapened with some blacklists in the past, which > resulted to high number of FP's. > > While FNs mean (much/all) mail not to be detected, FP's are uch worse. > > I wonder why SA disables DNWSL rules, with this logic blacklists, not > whitelists, should be disabled... >
Personally, I think all whitelists should be disabled by default (I disabled all whitelists as of some years ago, and occasionally check to see no new ones has cropped up). That way is someone wants to allow others to decide who they can trust (always a bad idea IMHO, trust to each networks must be earned, not given based on third party advice, and most definitely never ever bought), so they must explicitly allow it.
signature.asc
Description: This is a digitally signed message part
