Bug 6737

Summary: Disabling all related rules does not disable the queries for network tests
Product: Spamassassin Reporter: Darxus <Darxus>
Component: spamassassinAssignee: SpamAssassin Developer Mailing List <dev>
Status: RESOLVED FIXED    
Severity: normal CC: Darxus, jhardin, kmcgrail, sidney
Priority: P2    
Version: SVN Trunk (Latest Devel Version)   
Target Milestone: Undefined   
Hardware: All   
OS: All   
Whiteboard:

Description Darxus 2011-12-27 18:53:50 UTC 
For example, if you disable all the dnswl tests with:

score RCVD_IN_DNSWL_NONE 0
score RCVD_IN_DNSWL_LOW 0
score RCVD_IN_DNSWL_MED 0
score RCVD_IN_DNSWL_HI 0
score RCVD_IN_DNSWL_BLOCKED 0

You'll still send all the associated DNS queries if you don't use one of:

score __RCVD_IN_DNSWL 0 # recommended by http://wiki.apache.org/spamassassin/DnsBlocklists (John Hardin?)
meta __RCVD_IN_DNSWL 0 # recommended by Karsten Bräckelmann

This results in the possibility of sites disabling the rules while still sending large numbers of network queries.
Comment 1 John Hardin 2011-12-28 15:28:28 UTC 
(In reply to comment #0)

> score __RCVD_IN_DNSWL 0 # recommended by
> http://wiki.apache.org/spamassassin/DnsBlocklists (John Hardin?)

Disbling DNSWL does not explicitly appear in the wiki, though it can be inferred from what is in the wiki. The info on disabling rules was added by Matt Kettler in 2009.

My edits to the disabling section were only to correct formatting errors.
Comment 2 Darxus 2011-12-28 15:52:58 UTC 
(In reply to comment #1)
> Disbling DNSWL does not explicitly appear in the wiki, though it can be
> inferred from what is in the wiki. The info on disabling rules was added by
> Matt Kettler in 2009.
> 
> My edits to the disabling section were only to correct formatting errors.

Wow, wrapping text in triple curly braces strips off the leading "__", which is the change I was looking for in the history.  Thanks for the clarification.
Comment 3 Darxus 2011-12-28 15:55:22 UTC 
If we do "score __RCVD_IN_DNSWL 0" or "meta __RCVD_IN_DNSWL 0", is it still necessary to 0 out the rest of the rules?
Comment 4 Kevin A. McGrail 2011-12-28 18:49:53 UTC 
(In reply to comment #3)
> If we do "score __RCVD_IN_DNSWL 0" or "meta __RCVD_IN_DNSWL 0", is it still
> necessary to 0 out the rest of the rules?

I think we've had two differing goals:

1 is to stop queries.

2 is to stop scores.

Likely you have to do all of them including the meta rule to make sure that no queries are sent.  

There also seem to be a number of ways to disable things and some may have larger reaching implications than originally intended.
Comment 5 Darxus 2011-12-28 18:55:19 UTC 
I verified that "score __RCVD_IN_DNSWL 0" or "meta __RCVD_IN_DNSWL 0" will both disable the dnswl tests.  So as far as I can tell it's never necessary to do the rest of these:

score RCVD_IN_DNSWL_NONE 0
score RCVD_IN_DNSWL_LOW 0
score RCVD_IN_DNSWL_MED 0
score RCVD_IN_DNSWL_HI 0
score RCVD_IN_DNSWL_BLOCKED 0

Anybody know of a reason we shouldn't stop telling people to set the scores for all rules to 0, and just tell them to set the score of the eval rule to 0 or do the meta 0 thing?
Comment 6 Sidney Markowitz 2022-04-19 07:07:13 UTC 
(In reply to Darxus from comment #5)
> Anybody know of a reason we shouldn't stop telling people to set the scores
> for all rules to 0, and just tell them to set the score of the eval rule to
> 0 or do the meta 0 thing?

That's what the wiki says now.
https://cwiki.apache.org/confluence/display/spamassassin/DnsBlocklists (in Q&A at end of page) so I'm closing this old issue.