|
SA Bugzilla – Full Text Bug Listing |
Summary: | Domain blacklists domain wildcarding | ||
---|---|---|---|
Product: | Spamassassin | Reporter: | Raymond Dijkxhoorn <raymond> |
Component: | Libraries | Assignee: | SpamAssassin Developer Mailing List <dev> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | CC: | apache, raymond, riccardo.alfieri |
Priority: | P2 | ||
Version: | unspecified | ||
Target Milestone: | Undefined | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: |
Description
Raymond Dijkxhoorn
2020-07-07 10:23:01 UTC
Some related talk also found in Bug 7165. Yes it should be feasable to use a flag for example "tflags SURBL_FOO notrim". And this could be enabled for all multi.surbl.org queries? FWIW, we at Spamhaus support Raymond's request. Using untrimmed hostnames would provide for sure more spam catching from both SURBL and Spamhaus lists (In reply to Henrik Krohns from comment #1) > Some related talk also found in Bug 7165. > > Yes it should be feasable to use a flag for example "tflags SURBL_FOO > notrim". > > And this could be enabled for all multi.surbl.org queries? Yes. All of the multi lookups are wildcarded. So it applies to SURBL ABUSE, PH, CR and MW lookups. I saw SpamHaus was also added as a watcher. I am sure Riccardo can comment on the SpamHaus zones to be changed. Thanks! Raymond All lookups to DBL should have the "notrim" flag set. ZRD supports them too, but since it's only for DQS customers, I'll take care of adding the necessary changes in our plugin when/if (I really hope this will happen!) there is support in SA tflags "notrim" now implemented for urirhsbl/urirhssub Sending trunk/UPGRADE Sending trunk/lib/Mail/SpamAssassin/Plugin/URIDNSBL.pm Sending trunk/t/uribl.t Transmitting file data ...done Committing transaction... Committed revision 1888502. Will test locally for a bit, then add to stock rules. Very cool. Will this be included in 3.4.6 or will it be part of 4.x only? (In reply to Riccardo Alfieri from comment #6) > Very cool. Will this be included in 3.4.6 or will it be part of 4.x only? We tried to drop 3.4 maintenance several times already, new features for 4.x only. PS. Please try to run trunk version. It's been "production quality" for long time already. We need testers to prepare 4.0 release. :-) Committed to stock rules. As there is no syntax validation on tflags, it's safe to use notrim anywhere needed. Sending rules/25_uribl.cf Transmitting file data .done Committing transaction... Committed revision 1888663. Some get_uri_detail_list statistics of my corpus. Enabling notrim adds one or two queries more per message on average. So very little effect DNS usage wise, caching will probably reduce a lot too. HAM DOMAINS Range: 0.000 - 80.000; Mean: 2.114; Median: 2.000; Stddev: 2.641 Percentiles: 90th: 4.000; 95th: 5.000; 99th: 8.000 HAM HOSTS Range: 0.000 - 81.000; Mean: 3.065; Median: 3.000; Stddev: 3.126 Percentiles: 90th: 6.000; 95th: 7.000; 99th: 11.000 SPAM DOMAINS Range: 0.000 - 26.000; Mean: 1.444; Median: 1.000; Stddev: 1.218 Percentiles: 90th: 3.000; 95th: 4.000; 99th: 6.000 SPAM HOSTS Range: 0.000 - 26.000; Mean: 1.637; Median: 1.000; Stddev: 1.503 Percentiles: 90th: 3.000; 95th: 4.000; 99th: 7.000 |