spamassassin-dev October 2011 archive
Main Archive Page > Month Archives  > spamassassin-dev archives
spamassassin-dev: Re: [Bug 6668] DNSWL is lacking a rule to comm

Re: [Bug 6668] DNSWL is lacking a rule to communicate excessive use to users

From: Karsten Bräckelmann <guenther_at_nospam>
Date: Tue Oct 04 2011 - 23:20:04 GMT
To: dev@spamassassin.apache.org

> https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6668
>
> Kevin A. McGrail <kmcgrail@pccc.com> changed:

> If an RBL is submitted for inclusion for SA, it should not have policies that
> would affect anything but the most extreme cases. Any URLs should point to an
> SA page such as a wiki letting them know to disable the rules.
>
> > Also, I think it's really irresponsible for SpamAssassin to expose users to
> > this kind of punitive activity without actually warning them of the usage
> > thresholds of the services involved, as Warren lists here:
> > http://www.spamtips.org/2011/01/usage-limits-of-spamassassin-network.html
>
> I agree. What RBLs have this issue and I will immediate work to disable them
> in a default SA installation for the 3.4.0 release?

Merely having glimpsed over this bug report and discussion...

I do not agree in the general case. I do agree, however, in the case of
RBLs returning FP hits -- as apposed to anything harmless like a reply
never causing a hit, or even blocking the DNS queries.

This has been discussed many times before, and the bottom line is: We do
include RBLs like Spamhaus' lists by default, even though they require
subscription for really large sites. One of the strongest arguments is,
that this will by default use the RBLs in question, benefiting the vast
majority of SA users -- those, who would not have to sign up for a
subscription.

These typically smaller, and often really small installations do NOT
have the resources or knowledge to configure all these tiny thingies and
options, to get the best result. Whereas the really large sites DO have
the admin resources, and SHOULD DO have the knowledge, to either disable
them, or sign up for the subscription.

As I have done before, I pro-actively vote -1 on removing such RBLs.
Those who deliberately return FPs, on the other hand, should be pulled
from vanilla SA.

-- char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4"; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1: (c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}