Kevin A. McGrail skrev den 2017-01-25 17:20:
dkim is domain based, spf and dmarc is ip based, so not really easy to
use a ip based rbl :=)
Good point. I will clarify that I personally use RBLs as an inclusive
term for RBLs and URIBLs and I use them in ways that aren't blacklists
but just more datapoints. In short, RBLs is "generic" for me.
yes, then its good, but not if its remote not local maintained
one day spamassassin supports dmarc it would change, hope it will do
arc testing where it imho is more simple then its is today
I'm afraid there is a language or grammar issue here. I personally
pass along DMARC results to SA but one item I've considered is how to
write SA plugins for a lot of the cool stuff I do now that is just
scored by SA. So yes, it would be nice for SA to have a DMARC plugin
that is simple and just works. Is that what you meant?
yes, i have not got the askdns to make dmarc testing work here, i would
like to build a domain url repution, and a local list of first seen
domain list, to fight spammers that got to much money on new domains not
listed elsewhere
ip repution is nearly just dnswl data, so no need to make it localy, but
domain repution would make sense if it can be hooked to spamassassin -r
my local freshness would be more then 15 days :=)
i have personly not make local rbls that is ip based, all is for me
just domains, not usefull to block ip, and then ask for help if its
diffeerent spamming domain that relay from a good ip
Running my own RBL for IP and URIs (and hashes, etc.) has been very
useful. The idea of using DNS as a distributed existing
infrastructure for data points has been very useful. I wonder now who
came up with the idea first...
i think it was in EmailBL first seen, that pluging was very good
deesigned, but none used it very long, so it got killed
same as with clamav 3dr party spam signatures should not really have
being in clamav, but on a sa channel, i know there is a perl script to
make that 3dr party sigs back to sa, but it uses so much memmory that
its not practical :(
my solution to this is to use 2 clamd, and 2 clamav-milters, one of the
milters reject virus, while the other just add headers from 3dr party
clamav sigs, i hope clamav milter can have on_unofficial acccept so i
dont need 2 clamav-milters, and 2 clamd, when i reply on bugzilla
clamav, maintainers just laffed of me, so got tirred of use time on that
dwl / swl on spamhaus is currently empty, still lots of dynamic ips
missing in ther pbl listnings, hmm
Many of those dynamic lists are based on the vendors reporting them as
dynamic blocks. Using them in addition to reverse PTR data is very
helpful but hardly all inclusive. Just one more data point in the
fight against spammers.
spamhaus did not tell me while i had datafeed with them how to help with
sending spamtrap data to them, so now i got back to no datafeed again,
currently not much mail here to exced free limits
you reply all so i got dupe mails from you :(
