spamassassin-dev September 2011 archive
Main Archive Page > Month Archives  > spamassassin-dev archives
spamassassin-dev: Re: High ham rate in darxus corpora for URIBL_

Re: High ham rate in darxus corpora for URIBL_WS_SURBL Re: ham scores

From: Benny Pedersen <me_at_nospam>
Date: Tue Sep 20 2011 - 20:07:13 GMT
To: <dev@spamassassin.apache.org>

On Tue, 20 Sep 2011 10:20:58 -0400, darxus@chaosreigns.com wrote:
> On 09/20, Axb wrote:
>> from what I'm seeing:
>> livejournal.com is in 20_aux_tlds.cf
>> util_rb_2tld livejournal.com
>
> I saw that, but didn't think it was relevant. How is it relevant?
> It also
> doesn't seem like it makes sense. "2TLDs include things like co.uk,
> fed.us, etc." Livejournal.com isn't one of those.

main domain is not user controlled but only owner editble, thats what
spammassassin see

add foo.example.com to urlbl, and add example.com as util_rb_2tld, then
foo is stilll listed, but example.com is not

util_rb_* does not only handle tlds

>> the uridnsbl_skip_domain rule applies to parent domain, not to
>> subdomains.
> I wondered about that, but the standard rules don't include *any*
> subdomains, and... these are URLs, they are generally subdomains.

that does not change what it does

>> You are trusting a third party DNS (as your forwarder) which *could*
>> be manipulating your queries.

more realistisk its overloaded

> Yes, it's possible. As I said, I'd be happy to ask them (linode) if
> something like that happened if I could get confirmation on what
> exactly
> the query response had to be (*.*.*.4, or exactly 127.0.0.4?).

first laern how dns works before make work around to have it work like
one like :=)

the old acl on 2.0.0.0/8 learned me more about dns then i have dream
on, telia.dk still have badly configured dns servers on there
subdomains, but telia.dk works since its 2 diff name servers, simple fix
is to redelegate to gratisdns.dk, no down time in this progress, but
telia.com dont listen, sad that telia.dk cant send there custommers
email with that error since there subdomains is acl'ed to 2.0.0.0/8

i can live with that problem :)

telia.dk is rfc-ignorant on top of that, and trustpilot is 5 out of 10
on user satisfaction

>> If you have a local resolver, why do the extra query hop?
>> or am I missing something?
> Seemed like a good idea to reduce load on the root servers. Do you
> disagree?

yes, root only tells where there owners dns servers is, it does not
being used for spamassassin

dig -4 +trace google.com

tells more of what happend